[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RFC2409

To: Ivars Suba <IvarsS@bank.lv>
Subject: RFC2409
From: Tero Kivinen <kivinen@ssh.fi>
Date: Thu, 10 Jun 1999 22:34:03 +0300 (EET DST)
Cc: ipsec@lists.tislabs.com
In-Reply-To: <6078A04DA8A8D21189DD00A024B211101B9827@lasis.bank.lv>
Organization: SSH Communications Security Oy
References: <6078A04DA8A8D21189DD00A024B211101B9827@lasis.bank.lv>
Sender: owner-ipsec@lists.tislabs.com

Ivars Suba writes:
> IPSec/IKE (RFC2409) Public Key Encryption Aggressive mode"(Phase 1)
> vulnerability is myself advice. It seems that IPSec/IKE Public Key
> Encryption Revised Aggressive Mode and IPSec/IKE Pre-Shared Key Aggressive
> Mode also vulnerable to this type of attack (Chess grandmaster). However,
> they will be stopped at Phase 2 - Quick Mode (ISAKMP payload is Encrypted).
> If Initiator and Cheater will share DHPrivKey_i, they will continue this
> attack against Responder in Phase 2 - Quick Mode still :). For more detailed
> information look in appendice.

How can the cheater convince the Initiator to use his public key
instead of the responder? If the Initiator uses Responders public key
the C cannot know the value of Ni, thus it cannot calcute the Hash
payload, because the Ni is needed there. I don't think this "attack"
would work. 
-- 
kivinen@iki.fi                               Work : +358-9-4354 3218
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/

References:

RFC2409

From: Ivars Suba <IvarsS@bank.lv>

Prev by Date: Re: NAT and IPSEC INCOMPATIBLE???
Next by Date: Re: NAT and IPSEC INCOMPATIBLE???
Prev by thread: RFC2409
Next by thread: Re: RFC2409
Index(es):
- Main
- Thread