Re: pfs support
Supporting PFS involves:
1. Doing a second key exchange with DH in Phase 2
2. Deleting the Phase 1 SA immediately after the Phase 2 to dispose of the
key material involved
Obviously, step 2 is not going to work very well unless both parties send
and interpret Delete notifications. Inconsistent implementation of Delete
notifications is the single biggest interop issue I see in other
implementations. Lack of support for Initial Contact notifications would
be the second. If you didn't send a Delete notification when you deleted
your Phase 1 SA, it's understandable that the other side would do what
you're seeing because implementation of #2 above seems to be fairly inconsistent.
Tylor Allison wrote:
>
> This may be a dumb question, but what exactly is meant by saying
> "I support PFS"? I ran into a few problems when trying to rekey with a
> few vendors at the interop because my interpretation of PFS was different
> than theirs.
>
> I believe my implementation is accomplishing PFS for both identities and
> keys by uniquely binding each Phase 1 SA with a single Phase 2 SA and
> performing a second DH exponentiation in the Quick Mode. Therefore, when
> I need to start a rekey, I will create a new Phase 1 SA followed by a new
> Phase 2 SA. The problems I experienced were when the remote peer attempted
> to start the rekey, and they would use the old Phase 1 SA to establish a
> new Quick Mode. I rejected this offer, since it attempted to use the old
> SA... and the rekeying seemed to suffer.
>
> Back to my question then, what is everyone else doing to support PFS? Are
> you supporting PFS for key material only? Or are you supporting PFS for
> key material and identities? Has anyone else experienced any rekey
> problems associated with interoperating with a vendor who has implemented
> a PFS mode different from what you have implemented?
>
> Thanks in advance.
>
> Tylor
>
> ---
> Tylor Allison tylor_allison@securecomputing.com (651) 628-1554
> Secure Computing Corporation
--
Will Price, Architect/Sr. Mgr., PGP Client Products
Total Network Security Division
Network Associates, Inc.
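The two PFS steps in the reply, and the interop failure Tylor describes, can be walked through in a small model. The following is an added illustration, not code from this thread or from any real IKE implementation: the DH group is a constructed toy modulus, the key derivation is a plain SHA-256 hash, and the names `Peer`, `phase1`, `phase2`, `attacker_recovers_keymat` and `rekey_scenario` are assumed for the example. It shows why a second DH in Quick Mode is what gives Phase 2 keys forward secrecy, and how a peer that ignores the Delete notification ends up trying to rekey under a Phase 1 SA the other side has already thrown away.

```python
"""Toy model of IKE Phase 1 / Phase 2 SAs, PFS and Delete notifications.

Added example, not from the original thread or any real IKE stack.  The DH
group is a constructed toy (small modulus) and the KDF is a bare SHA-256;
both stand in for the real primitives only to show which secrets each key
depends on.
"""
import hashlib
import secrets

P = 2**127 - 1          # constructed toy modulus, NOT an IKE DH group
G = 5


def dh_keypair():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def kdf(*parts) -> bytes:
    h = hashlib.sha256()
    for part in parts:
        h.update(part if isinstance(part, bytes) else str(part).encode())
    return h.digest()


class Peer:
    """One IKE endpoint: its Phase 1 SAs, derived Phase 2 keys, and whether
    it honours Delete notifications (the interop point raised in the reply)."""
    def __init__(self, name, honors_delete=True):
        self.name = name
        self.honors_delete = honors_delete
        self.phase1 = {}            # spi -> SKEYID shared with the peer
        self.phase2_keys = []       # KEYMAT values derived so far

    def receive_delete(self, spi):
        if self.honors_delete:
            self.phase1.pop(spi, None)


def phase1(a, b):
    """Phase 1 boiled down: one DH exchange yielding a shared SKEYID."""
    xa, ga = dh_keypair()
    xb, gb = dh_keypair()
    skeyid = kdf("SKEYID", pow(gb, xa, P))     # == kdf("SKEYID", pow(ga, xb, P))
    spi = secrets.token_hex(4)
    a.phase1[spi] = skeyid
    b.phase1[spi] = skeyid
    return spi


def phase2(initiator, responder, spi, pfs):
    """Quick Mode under Phase 1 SA `spi`.  With pfs=True a second DH exchange
    feeds KEYMAT (step 1) and the initiator then deletes the Phase 1 SA and
    notifies the peer (step 2).  Returns KEYMAT and the public transcript."""
    if spi not in initiator.phase1 or spi not in responder.phase1:
        raise LookupError(f"Phase 1 SA {spi} unknown to one side")
    skeyid = initiator.phase1[spi]
    nonce_i, nonce_r = secrets.token_hex(8), secrets.token_hex(8)
    transcript = {"nonce_i": nonce_i, "nonce_r": nonce_r}
    if pfs:
        xi, gi = dh_keypair()
        xr, gr = dh_keypair()
        transcript.update(g_i=gi, g_r=gr)   # only public values go on the wire
        keymat = kdf("KEYMAT", skeyid, pow(gr, xi, P), nonce_i, nonce_r)
    else:
        keymat = kdf("KEYMAT", skeyid, nonce_i, nonce_r)
    initiator.phase2_keys.append(keymat)
    responder.phase2_keys.append(keymat)
    if pfs:
        del initiator.phase1[spi]          # dispose of Phase 1 key material
        responder.receive_delete(spi)      # Delete notification to the peer
    return keymat, transcript


def attacker_recovers_keymat(skeyid, transcript, keymat):
    """Adversary who later obtains SKEYID plus the public Quick Mode transcript.
    Without PFS that is everything needed; with PFS the fresh DH exponents
    are missing, so the same derivation cannot be completed."""
    guess = kdf("KEYMAT", skeyid, transcript["nonce_i"], transcript["nonce_r"])
    return guess == keymat


def rekey_scenario(responder_honors_delete):
    """Reproduce the thread's interop failure: after a PFS Quick Mode, A has
    deleted the Phase 1 SA; B then initiates a rekey.  Returns 'ok' or the
    rejection reason."""
    a = Peer("A")
    b = Peer("B", honors_delete=responder_honors_delete)
    spi = phase1(a, b)
    phase2(a, b, spi, pfs=True)
    if spi in b.phase1:
        # B ignored the Delete and still believes the old Phase 1 SA is usable.
        try:
            phase2(b, a, spi, pfs=True)
        except LookupError as e:
            return f"rejected: {e}"
    else:
        spi = phase1(b, a)                 # fresh Phase 1, as A expects
        phase2(b, a, spi, pfs=True)
    return "ok"
```

`rekey_scenario(True)` completes because B, having processed the Delete, starts a new Phase 1 before its Quick Mode; `rekey_scenario(False)` is rejected exactly as in Tylor's report, since B reuses an SPI that A no longer holds. The `attacker_recovers_keymat` check separates the two PFS notions in the thread: with the second DH exchange, later exposure of SKEYID alone does not yield KEYMAT.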
References:
- pfs support
- From: Tylor Allison <allison@securecomputing.com>