Re: attack on identity protection in IKE

[Tamir Zegman <zegman@checkpoint.com>]

Jianying Zhou wrote:

> Identity protection is a feature of the main mode protocol. However,
> an attack is possible for the main mode protocol using public key
> encryption for authentication (when RSA is the encryption algorithm).
>
> In that protocol, the peer's identity payload is encrypted with the
> other party's public key. When the ID is only a 32-bit IP address,
> it is easy to find the encrypted ID by the brute force attack.
>

According to PKCS#1, random bytes are used to pad the data before
encryption, thus making a brute force attack impractical.


>
> The main mode protocol using revised mode of public key encryption
> does not suffer from the attack.
>
> Jianying
> ---------------------------------------------------------------------
> Dr. Jianying Zhou        | Tel:   +65-8742585
> Kent Ridge Digital Labs  | Fax:   +65-7744990
> 21 Heng Mui Keng Terrace | Email: jyzhou@krdl.org.sg
> Singapore 119613         | WWW:   http://www.krdl.org.sg
> ---------------------------------------------------------------------

--
=========================================================================

This message may contain confidential and/or proprietary information, and
is
intended only for the person / entity to whom it was originally
addressed.
The content of this message may contain private views and opinions which
do
not constitute a formal disclosure or commitment unless specifically
stated.

---

References:

• attack on identity protection in IKE
• From: Jianying Zhou <jyzhou@krdl.org.sg>

---

• Prev by Date: attack on identity protection in IKE
• Next by Date: RE: Weak authentication in Xauth and IKE
• Prev by thread: attack on identity protection in IKE
• Next by thread: Re: attack on identity protection in IKE
• Index(es):
  • Main
  • Thread