[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CRACK
Yael,
Please consult with
http://www.ietf.org/internet-drafts/draft-matsuura-sign-mode-01.txt
about a modified authentication mode more resistant against the DoS
you mentioned.
Any comments are welcome.
Thanks,
Yael Dayan <yael@radguard.com> wrote:
>>Dan,
>>I think there is some wording missing in the security considerations
>>section.
>>I am referring to vulnerabilities to denial of service attacks.
>>The gateway is required to answer with KE and SIG prior to any knowledge
>>of who the initiator is. (The SIG cannot be prepared ahead of time.).
>>An attacker only needs to know the gateway's address to launch an attack
>>that requires very little effort on his behalf.
>>
>>Yael
--^^--
Kanta
References:
- Re: CRACK
- From: Yael Dayan <yael@radguard.com>