
RE: Phase 1 KB lifetime



Ben:

> 1. How should an IPSEC station notify a peer that it received an invalid
>    SPI in an _IPSEC_ packet (AH, ESP, or IPCOMP)?

Andrew:

If the phase 1 exists, send a secure invalid spi (or a delete if you want).
But assume that the phase 1 does not exist:

An unauthenticated delete is inappropriate because the peer cannot trust it.
If the peer DID trust it then an attacker could take your SAs down at any
point by spoofing a delete.

Not sending anything is safe, but it doesn't help the peer identify the
cause of the problem if, in fact, there is a connection loss.

I believe that sending a notify invalid spi is appropriate because it does
not consume enough CPU time to allow a DoS attack. If you're really
concerned about DoS, you can send the notify only on the first occurrence
and then ignore all subsequent bad packets... but IMHO protecting against
DoS attackers who have large amounts of CPU power is, in general, a losing
proposition.


Ben:

> 2. Substantial discussion is underway about the RESPONDER-LIFETIME notify
>    message.

I don't know how this topic got started. I think Dan misinterpreted one of
my comments and we got off on this sidetrack.

>    Is it illegal for the responder to modify the lifetime proposal
>    made by the initiator and send that back in his proposal selection?

Yes. See [IKE] pg 9.

>    For example, initiator sends a proposal with:
> 
> 	ESP with DES and 3600 second lifetime
> 
>    The responder finds a matching policy _except_ it requires a 2000
>    second lifetime. Why can't the responder send back in his SA payload
>    the proposal:
> 
> 	ESP with DES and 2000 second lifetime
> 
>    Doesn't this eliminate the need for RESPONDER-LIFETIME?

Theoretically, this would work. I think the stipulation that the attributes
may not be modified was included for the purpose of making parsing easier.
It might also be a safeguard to prevent the responder from inserting covert
information into the initiator's signature.

Andrew
_______________________________________________
 Beauty without truth is insubstantial.
 Truth without beauty is unbearable.
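Added example (editor's illustration, not code from the thread or from any IKE
implementation): a toy model of the two behaviours argued for above. Part 1 is the
receive path for an IPsec packet with an unknown SPI (authenticated INVALID-SPI
when a phase 1 SA exists, an unauthenticated notify sent only on the first
occurrence otherwise, and unauthenticated DELETEs ignored). Part 2 is a responder
that returns the initiator's proposal unmodified and signals a shorter local
lifetime with a RESPONDER-LIFETIME notify instead. All names, dictionary fields,
SPI values and policy values are my own assumptions; the message structures are
stand-ins, not real ISAKMP payload encodings.

```python
"""Toy model of IKEv1/IPsec behaviours discussed in the thread (constructed example)."""
from dataclasses import dataclass, field


# --- Part 1: reacting to an IPsec packet whose SPI we do not know ---

@dataclass
class Peer:
    addr: str
    phase1_up: bool                                   # ISAKMP (phase 1) SA with this peer exists
    inbound_spis: set = field(default_factory=set)    # SPIs we currently accept from this peer
    notified_spis: set = field(default_factory=set)   # bad SPIs already reported (first-occurrence limit)


def on_ipsec_packet(peer: Peer, proto: str, spi: int):
    """Return the notification to send for a packet carrying `spi`, or None.

    - known SPI: nothing to send, the packet is processed normally
    - unknown SPI and phase 1 exists: INVALID-SPI protected by the ISAKMP SA
    - unknown SPI and no phase 1: unauthenticated INVALID-SPI, once per SPI,
      so a flood of bad packets cannot make us emit a flood of notifies
    """
    if spi in peer.inbound_spis:
        return None
    if peer.phase1_up:
        return {"type": "INVALID-SPI", "proto": proto, "spi": spi, "authenticated": True}
    if spi in peer.notified_spis:
        return None  # already reported; ignore further bad packets for this SPI
    peer.notified_spis.add(spi)
    return {"type": "INVALID-SPI", "proto": proto, "spi": spi, "authenticated": False}


def on_delete(peer: Peer, spi: int, authenticated: bool) -> bool:
    """Apply a DELETE only if it arrived under the phase 1 SA.

    An unauthenticated delete must be ignored: honouring it would let anyone
    who can spoof the peer's address tear down our SAs at will.
    """
    if not authenticated or spi not in peer.inbound_spis:
        return False
    peer.inbound_spis.discard(spi)
    return True


# --- Part 2: responder selecting a phase 2 proposal without editing it ---

def select_proposal(offered: dict, local_policy: dict):
    """Responder side of a (much simplified) quick mode SA negotiation.

    `offered` is the initiator's proposal, e.g.
        {"proto": "ESP", "cipher": "DES", "lifetime": 3600}
    `local_policy` is ours, e.g.
        {"proto": "ESP", "ciphers": {"DES", "3DES"}, "lifetime": 2000}

    Returns (selected, notify). The selected proposal is an unmodified copy of
    what was offered; a shorter local lifetime is announced in a separate
    RESPONDER-LIFETIME notify rather than by rewriting the attribute.
    """
    if offered["proto"] != local_policy["proto"]:
        return None, None
    if offered["cipher"] not in local_policy["ciphers"]:
        return None, None
    selected = dict(offered)  # returned exactly as offered, attributes untouched
    notify = None
    if local_policy["lifetime"] < offered["lifetime"]:
        notify = {"type": "RESPONDER-LIFETIME", "lifetime": local_policy["lifetime"]}
    return selected, notify


def effective_lifetime(offered: dict, notify) -> int:
    """Lifetime the initiator should actually use: the shorter of the two values."""
    if notify is None:
        return offered["lifetime"]
    return min(offered["lifetime"], notify["lifetime"])


if __name__ == "__main__":
    # Constructed walk-through: no phase 1 yet, then one comes up.
    peer = Peer("10.0.0.2", phase1_up=False, inbound_spis={0x1001})
    print(on_ipsec_packet(peer, "ESP", 0xDEAD))   # unauthenticated notify, first time only
    print(on_ipsec_packet(peer, "ESP", 0xDEAD))   # None: already reported
    print(on_delete(peer, 0x1001, authenticated=False))  # False: spoofable, ignored
    peer.phase1_up = True
    print(on_ipsec_packet(peer, "AH", 0xBEEF))    # authenticated notify

    sel, note = select_proposal({"proto": "ESP", "cipher": "DES", "lifetime": 3600},
                                {"proto": "ESP", "ciphers": {"DES", "3DES"}, "lifetime": 2000})
    print(sel, note, effective_lifetime(sel, note))
```

The first-occurrence limit in `on_ipsec_packet` is the cheap DoS mitigation the
message mentions; a real implementation would also expire entries in
`notified_spis` so a legitimately renegotiated SPI can be reported again later.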

