
Re: Definition of PFS...




>>>>> "Andrew" == Andrew Krywaniuk <andrew.krywaniuk@alcatel.com> writes:
    Andrew> I recently decided to do some research on something that has
    Andrew> bugged me for quite awhile now: What is the point of doing PFS in
    Andrew> phase 2?

    Andrew> The reason I wonder about this is that presumably you will use
    Andrew> the same group in phase 2 that you used in phase 1, so if an
    Andrew> adversary can crack your phase 1 DH then he can presumably expend
    Andrew> the 1 bit of additional effort required to crack the phase 2
    Andrew> DH. It seems like you would be better off using a larger modulus

  PFS does not just defend against being attacked. 

  It also defends against the situation where a third party compels one
party to provide some set of keys. PFS guarantees that a simple search warrant
only catches traffic *currently* in transit, not all previous and future
traffic.

   :!mcr!:            |  Solidum Systems Corporation, http://www.solidum.com
   Michael Richardson |For a better connected world,where data flows faster<tm>
 Personal: http://www.sandelman.ottawa.on.ca/People/Michael_Richardson/Bio.html
	mailto:mcr@sandelman.ottawa.on.ca	mailto:mcr@solidum.com



