
Re: Use OTP in IPSEC?



Would it be possible to use this idea together with the Host Identity Payload?
Use something based on One Time Passwords instead of DSA?

E.g. something like

- First message is DSA-authenticated by the sender and contains, in addition
  to existing HIP-stuff, an OTP-seed-value that is RSA-encrypted with the
  recipient's public key. (The encrypted seed value would also be authenticated.)

- Both parties calculate hashes from the seed value N times, and start using
  them in reverse order.

- Next message sent by the same sender will no longer use DSA, but something
  based on OTP. The receiver would have some sort of replay protection
  window to allow for packet re-orderings while in transit.

This method could also be used for encryption; the initiator would one-sidedly
choose the encryption key it wishes, and send that encrypted with the recipient's
public key.

Just an idea...

Ari

Markku Savela wrote:

> This is just one of my random ideas that float in the background, and
> just decided to sound it off on this list...
>
> I think there might be some special cases where even use of OTP (One
> time pad) might be usable with IPSEC.
>
> Possible technical definition: Within ESP, each packet would, instead
> of IV, use a 64-bit offset to OTP that is somehow known to both ends
> (with the usual problems of keeping the OTP secret etc.)
>
>         A server that provides some highly sensitive, but short,
>         information as a response to queries could use this
>         method. [This almost implicitly requires the ability to
>         negotiate asymmetric associations (currently only possible
>         with manual configuring)]
>
>         Server ----> IPSEC(OTP) ------> clients
>                <---- other protection
>
>         [can't have multiple senders use the same OTP, as it would be
>         hard to prevent the same pad segment being used twice].
>
> OTP might be useful also in the key exchange of the key management, if
> one is suspicious about the public key algorithms.

--
Ari Huttunen                   phone: +358 9 859 900
Senior Software Engineer       fax  : +358 9 8599 0452

Data Fellows Corporation       http://www.DataFellows.com

F-Secure products: Integrated Solutions for Enterprise Security
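
The hash-chain steps outlined in the message above, as an added Python sketch that is not part of the original post: both ends derive the chain from the shared seed, tokens are spent in reverse order, and the receiver keeps a sliding replay window for reordered packets. SHA-256, the window size and all class and function names are assumptions chosen for illustration; the DSA/RSA first message is left out.

```python
import hashlib

def build_chain(seed: bytes, n: int) -> list:
    """Return [H^1(seed), ..., H^n(seed)] using SHA-256 (assumed hash)."""
    chain, value = [], seed
    for _ in range(n):
        value = hashlib.sha256(value).digest()
        chain.append(value)
    return chain

class Sender:
    def __init__(self, seed: bytes, n: int):
        self._tokens = build_chain(seed, n)

    def next_token(self) -> bytes:
        # Reverse order: H^n(seed) is spent first, H^1(seed) last.
        return self._tokens.pop()

class Receiver:
    def __init__(self, seed: bytes, n: int, window: int = 4):
        # Map each token to its step number: H^n(seed) is step 1.
        self._step = {tok: n - i for i, tok in enumerate(build_chain(seed, n))}
        self._window, self._top, self._seen = window, 0, set()

    def accept(self, token: bytes) -> str:
        step = self._step.get(token)
        if step is None:
            return "unknown"
        if step <= self._top - self._window:
            return "too-old"          # fell out of the reordering window
        if step in self._seen:
            return "replay"
        self._top = max(self._top, step)
        floor = self._top - self._window
        self._seen = {s for s in self._seen | {step} if s > floor}
        return "ok"

def demo() -> list:
    seed = b"constructed-demo-seed"   # constructed sample value
    sender, receiver = Sender(seed, 8), Receiver(seed, 8, window=3)
    t = [sender.next_token() for _ in range(6)]      # steps 1..6
    # Arrival order: reordered, one duplicate, one stale, one bogus token.
    arrivals = [t[0], t[2], t[1], t[2], t[5], t[1], b"\x00" * 32]
    return [receiver.accept(tok) for tok in arrivals]

if __name__ == "__main__":
    print(demo())
```

Each token hashes forward to the tokens spent before it, so a bare token proves only a position in the chain: a slot still open inside the window can be filled by anyone who has seen a later token, and nothing here binds a token to the packet contents.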



