
Re: Simplifying IKE




In message <Pine.GSO.4.21.0010111709140.9971-100000@ee.technion.ac.il>, Hugo Krawczyk writes:
>
>If savings of rounds is considered important this can be achieved 
>without aggressive mode, namely, whenever a phase 1 exchange is performed
>skip phase 2 and derive key material directly from SKEYID_d. 
>This is possible and has no cryptographic disadvantage. However, it
>certainly changes IKE. Moreover, it violates current isakmp processing.
>Are there any clear reasons (beyond the above changes to IKE and isakmp)
>not to do that?

You'd have to move the negotiation currently happening in Phase 2 to Phase 1;
this includes all the Phase 2 IDs and the IPsec SA parameters.
-Angelos




