
RE: Retransmits in traffic count?



I don't think this question is important enough for us to make a big issue
about it, but let me present the other side of the coin:

1. Retransmissions can, depending on implementation details and network
traffic, comprise a significant portion of the Isakmp traffic. Some existing
implementations automatically send multiple copies of one or more packets.
For these implementations, counting the retransmits would degrade the SA
lifetime by a fairly significant amount (say 20%). I'm not suggesting that
sending multiple copies of the same packet is the best way to increase
reliability, but that's why we have multiple vendors -- different people come
up with different solutions.

2. Let's face it: it's probably not that much work for an attacker to guess
which Isakmp packets are which. Unless you are clouding your network with
lots of fake Isakmp traffic, it doesn't take a lot of brains for an attacker
to guess that the first message in an exchange is QM1 and the next is QM2
and if you see the same message twice in a row then it's a retransmit.

3. The IV doesn't change in a retransmit. How would the other side know
which iv to use if they didn't receive the last packet? (which is presumably
why you are retransmitting) You don't get any new information from a
retransmit except that it is a retransmit. If there is a security issue here
then it will be a scenario where the attacker will guess that QM1 is more
likely to be dropped than any other packet so if this is a retransmit then
it is probably QM1. If this does give the attacker additional information
then it still won't have the same worth as traffic that actually contains
new data.

So what difference does counting the retransmits against the SA make to most
of us? Not much. But it's theoretically incorrect and it will degrade
implementations that send multiple copies of the same packet.

Andrew
_______________________________________________
 Beauty without truth is insubstantial.
 Truth without beauty is unbearable.


> -----Original Message-----
> From: Dan McDonald [mailto:danmcd@Eng.Sun.Com]
> Sent: Thursday, August 05, 1999 1:14 PM
> To: tjenkins@TimeStep.com
> Cc: ipsec@lists.tislabs.com
> Subject: Re: Retransmits in traffic count?
> 
> 
> > Let me start again.
> > 
> > Should the traffic used in re-transmitting packets used in 
> phase 1 SAs while
> > negotiating anything be counted against the traffic-based 
> lifetime of the
> > SA?
> > 
> > In other words, if I have to send the first quick mode 1 
> message three times
> > before I get a response from the peer, should that first 
> packet's traffic be
> > counted one time or three times against the phase 1 SA's 
> lifetime (by
> > traffic) limitation?
> 
> Sorry 'bout parsing the original question wrong.
> 
> IMHO, yes, count those QM retransmissions.  A bad guy/girl 
> doing traffic
> analysis can put 2+2 together and probably see that it's QM 
> retransmissions,
> and it may aid in his/her cryptanalysis.
> 
> Just my $0.02.
> 
> Dan
> 
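Andrew's first point, that charging retransmits against the phase 1 SA shortens its effective traffic-based lifetime, can be made concrete with a small accounting model. This is an added example, not code from the thread or from any ISAKMP implementation: the Quick Mode message sizes, the 10 KB lifetime and the retransmit counts are constructed, and the model charges both peers' messages to one counter rather than tracking direction.

```python
"""Byte-based lifetime accounting for an ISAKMP phase 1 SA.

Constructed model for illustration: message sizes and the retransmit
schedule are made up, and both peers' messages are charged to one counter.
"""
from dataclasses import dataclass, field

# Constructed Quick Mode message sizes, in bytes (not from any real trace).
QM_SIZES = {"QM1": 300, "QM2": 300, "QM3": 100}


@dataclass
class Phase1SA:
    kb_lifetime: int                  # negotiated traffic lifetime, in kilobytes
    count_retransmits: bool           # the policy under discussion
    bytes_charged: int = 0            # bytes counted against the lifetime
    bytes_on_wire: int = 0            # everything actually sent, for comparison
    log: list = field(default_factory=list)

    def send(self, name, size):
        """A message carrying new data is always charged."""
        self.bytes_charged += size
        self.bytes_on_wire += size
        self.log.append((name, size, "new"))

    def retransmit(self, name, size):
        """A retransmit is only charged if the policy says so."""
        self.bytes_on_wire += size
        if self.count_retransmits:
            self.bytes_charged += size
        self.log.append((name, size, "retransmit"))

    def limit(self):
        return self.kb_lifetime * 1024

    def expired(self):
        return self.bytes_charged > self.limit()


def quick_mode(sa, sizes=QM_SIZES, retries=None):
    """One Quick Mode exchange over `sa`.  `retries` maps a message name to
    how many times it had to be re-sent before the peer answered."""
    retries = retries or {}
    for name, size in sizes.items():
        sa.send(name, size)
        for _ in range(retries.get(name, 0)):
            sa.retransmit(name, size)


def exchanges_until_rekey(kb_lifetime, count_retransmits, retries=None):
    """Run Quick Mode exchanges until the lifetime is exceeded.
    Returns (number of complete exchanges that fit, the SA for inspection)."""
    sa = Phase1SA(kb_lifetime, count_retransmits)
    done = 0
    while True:
        quick_mode(sa, retries=retries)
        if sa.expired():
            return done, sa
        done += 1


if __name__ == "__main__":
    # The scenario from the original question: QM1 sent three times.
    for policy in (True, False):
        n, sa = exchanges_until_rekey(10, policy, {"QM1": 2})
        print(f"count_retransmits={policy}: {n} exchanges, "
              f"{sa.bytes_on_wire} bytes on wire, {sa.bytes_charged} charged")
```

With the constructed sizes, charging retransmits lets 7 Quick Mode exchanges fit in a 10 KB lifetime versus 14 when they are not charged; an implementation that sends every packet twice is penalised in the same way, which is the degradation Andrew describes.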

