
Re: Retransmits in traffic count?



> Let me start again.
> 
> Should the traffic used in re-transmitting packets used in phase 1 SAs while
> negotiating anything be counted against the traffic-based lifetime of the
> SA?
> 
> In other words, if I have to send the first quick mode 1 message three times
> before I get a response from the peer, should that first packet's traffic be
> counted one time or three times against the phase 1 SA's lifetime (by
> traffic) limitation?

Sorry 'bout parsing the original question wrong.

IMHO, yes, count those QM retransmissions.  A bad guy/girl doing traffic
analysis can put 2+2 together and probably see that it's QM retransmissions,
and it may aid in his/her cryptanalysis.

Just my $0.02.

Dan

