[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Query on cookies - RFC 2408

To: "RuheenaR@future.futsoft.com" <RuheenaR@future.futsoft.com>
Subject: Re: Query on cookies - RFC 2408
From: Ben McCann <bmccann@indusriver.com>
Date: Mon, 05 Jun 2000 09:50:42 -0400
CC: "'ipsec@lists.tislabs.com'" <ipsec@lists.tislabs.com>
References: <01BFCF17.C93ED980.RuheenaR@future.futsoft.com>
Sender: owner-ipsec@lists.tislabs.com

> How can the date and time information be added to the hashed information ?

Concatenate your current date and time of day (to their best available
resolution) together with the IP addresses of the two peers into a buffer.
Compute the hash of that buffer and then combine (XOR) the two halves of
your hash result to get the cookie.

We use SHA for the hash function. MD5 is probably OK but I'm not a
cryptographer... Our implementation also includes a random value in the
hashed buffer thatis computed once when we start our IKE daemon. This
assures the cookies will vary if our daemon is restarted.

-Ben McCann

-- 
Ben McCann                              Indus River Networks
                                        31 Nagog Park
                                        Acton, MA, 01720
email: bmccann@indusriver.com           web: www.indusriver.com 
phone: (978) 266-8140                   fax: (978) 266-8111

References:

Query on cookies - RFC 2408

From: Ruheena Rashid <RuheenaR@future.futsoft.com>

Prev by Date: RE: Commit Bit
Next by Date: Re: Interoperability (was: Death to AH?)
Prev by thread: Re: Query on cookies - RFC 2408
Next by thread: IKE testing
Index(es):
- Main
- Thread