Again with another doubt!

[Neeraj Kapoor <neerajk@cse.iitk.ac.in>]

Hello friends,
As stated in the rfc the Oakley tries to to stateless in a way that
means that all the data sent earlier is repeated in the later
messages, i.e later messages only add new stuff to packet they never
remove anything from the packet. 

Well, i have a doubt in this case which goes on like this.
Let's have a look at the "agressive mode with hidden identities"

   Initiator                                                   Responder
   ---------                                                   ---------
     -> CKY-I, 0,     OK_KEYX, GRP, g^x, EHAO, NIDP,                ->
        ID(R'), E{ID(I), ID(R), E{Ni}Kr}Kr'
   
	<-  CKY-R, CKY-I, OK_KEYX, GRP, g^y, EHAS, NIDP,
        E{ID(R), ID(I), Nr}Ki,
        prf(Kir, ID(R) | ID(I) | GRP | g^y | g^x | EHAS) <-

	 -> CKY-I, CKY-R, OK_KEYX, GRP, 0, 0, NIDP,
        prf(Kir, ID(I) | ID(R) | GRP | g^x | g^y | EHAS)    ->


This last exchange violates the thing stated as we can see that values
0(zero) have been specified for the fields g^x and EHAS. ? Thus the statement 
that the messages always add content rather than removing any of the previous
information is also not fully justified.....although the rfc2412 speaks that 
Can anybody help me in this regard ???.

neeraj
	
=================================
 Neeraj Kapoor                    
 M.Tech.(Computer Sc. & Engg.         
                                 
 F-304, Hall- IV,                
 Indian Institute of Technology    	
 Kanpur(UP), India                 
 PIN : 208016                   
 e-mail:                       
 neerajk@cse.iitk.ac.in        
 Phone:                        
 (0512)-597314,597114 (Hostel) 
 (0512)-597653        (Lab)    
=================================

---

• Prev by Date: Re: IKE entropy issues with long keys
• Next by Date: Re: IKE entropy issues with long keys
• Prev by thread: Collision of IPSec SA negotiation.
• Next by thread: RSA != RSA?
• Index(es):
  • Main
  • Thread