[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Password in IKE



The attacker has to spoof as the responder, and get the initiator to send
the Main Mode message 5 which is encrypted. Then the attacker will have
the DH secret to carry out the dictionay attack on the pre-shared key.

Is there any other way of doing a simple dictionary attack?

    thanks,
    chinna

On Wed, 14 Feb 2001, Steven M. Bellovin wrote:

> In message <36C77589.68D52AD7@ercist.iscas.ac.cn>, "Chen Kai Qu" writes:
> >Hello.
> >
> >The IKE key exchange would be open to dictionary attack if the IKE phase
> >1
> >is authenticated with password as a pre-shared key. Is it necessary to
> >add  a
> >new password-based authentication method for the users who would like to
> >
> >use password?
> >
> 
> That's one of the functions of the ipsra group.
> 
> 		--Steve Bellovin, http://www.research.att.com/~smb
> 
> 

chinna narasimha reddy pellacuru
s/w engineer



References: