
Re: ipsec error protocol



> This is a quick response, and admittedly, I haven't given this a lot of
> thought, but I'm wondering: isn't this essentially the function of the
> INITIAL-CONTACT message?

No.  

initial-contact is a notify message transmitted within a
recently-created phase 1 SA.  In order for it to be authenticated, you
need to have gone through all the IKE phase 1 overhead to re-build the
state.

initial-contact is just an optimization once the SA is set up; the
receiver could just send the sender DELETE messages for each bogus SPI
it gets.

Here's a revised problem statement:

Assume that two nodes A and B have ipsec SA's up, and periodically A
is sending B a packet which B responds to (i.e., all exchanges are
initiated by A; B is just a passive responder/server).

Now, assume that B suddenly reboots and it tosses away all IKE and
ipsec SA state.  It comes back up, and starts getting AH/ESP packets
for SA's it doesn't remember.

How do we efficiently recover from this state (where A has stale state
for B) without creating opportunities for denial-of-service attacks
and without having to wait for the SA's to expire and for rekey to
kick in?

The "birth certificate" approach puts the computational burden
(signature verification) on the end which still has state for the
association and which has traffic it wants to send.

					- Bill
