
RE: IPSEC Security Gateways & NAT



Dan,

Since the phase 1 goal is to auth DH-key exchange.
The DH key is generated *after* auth anyway. 

However,
the pre-shared key (pass-phrase) authentication costs less (and is stateless) 
for the responder to verify than "public key" authentication.

Regards,

--- David


-----Original Message-----
From: Dan Harkins [mailto:dharkins@lounge.org]
Sent: Thursday, June 14, 2001 12:05 PM
To: Chen, David
Cc: ipsec@lists.tislabs.com
Subject: Re: IPSEC Security Gateways & NAT 


  There is no need to compute a set of prime numbers to do the D-H
exchange in IKE. The prime number is specified in the group. In any
event, you still have to do a D-H when authenticating with pre-shared
keys so even if your premise was correct (that you need to generate a
set of prime numbers to do a D-H in IKE) then your conclusion (that 
pre-shared keys is somehow less susceptible to a DOS attack) does not 
follow.

  And again, the responder does not do any work D-H-wise until it has
received 2 messages from the same peer with the 2nd message containing
something he created. The DOS concern is not that it is doing unnecessary
D-H computation; it is that it creates state upon the receipt of a single
message from an initiator. 

  Dan.

On Thu, 14 Jun 2001 10:07:05 EDT you wrote
> 
> If you pre-comp a set of prime numbers for DH-key exchange...
> These can be used only one time and they are consumed faster than you can come
> up with new ones.
> This is the DOS idea that keeps the IPSec responder so busy (meaninglessly)
> that there is no time for other meaningful activities.
> Recycling prime numbers for DH-key exchange is an implementation mistake???
> 
> The CR process requires pending on a state that waits for server search
> through the 
> chains of servers to come up CRL (and it grows longer along the time).  
> It is a classical eavesdropping. 
> 
> The preshared key (pass-phrase) can auth the peer with much less cost and
> stateless.
> 
> If someone can inscribe the first pair of DH-key exchange with CHAP(or
> others),
> it seems can remove some random DOS attack. 
> This will complement the DH-Key exchange's weakness of 
> unknowing the peer is "DOS attacker".
> 
> Regards,
> 
> --- David
> 
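
A simplified model of the point Dan makes above, added here as an example and not part of either message: the group supplies a fixed prime, the responder stores state on the first message, and it performs D-H only when a later message echoes the cookie it created. Class and function names are hypothetical, the prime is a toy stand-in for a real group prime, and the peer addresses are constructed.

```python
import os
import secrets

# Toy stand-in for the fixed prime a D-H group specifies (not a real IKE group).
GROUP_PRIME = 2**127 - 1
GROUP_GEN = 2

class Responder:
    """Simplified responder model; not the IKE wire format."""
    def __init__(self):
        self.state = {}          # (peer, initiator cookie) -> responder cookie
        self.dh_exchanges = 0    # how many times D-H work was actually done

    def on_first_message(self, peer, cky_i):
        # State is created here, on a single unauthenticated message.
        cky_r = os.urandom(8)
        self.state[(peer, cky_i)] = cky_r
        return cky_r

    def on_key_exchange(self, peer, cky_i, cky_r, initiator_public):
        # D-H is done only if the peer echoes the cookie this responder created.
        if self.state.get((peer, cky_i)) != cky_r:
            return None
        private = secrets.randbelow(GROUP_PRIME - 2) + 1
        self.dh_exchanges += 1
        public = pow(GROUP_GEN, private, GROUP_PRIME)
        shared = pow(initiator_public, private, GROUP_PRIME)
        return public, shared

def simulate(unanswered_count):
    """Return (state entries, D-H exchanges, genuine peer agreed on secret)."""
    r = Responder()
    # Constructed traffic: first messages whose senders never see the reply.
    for i in range(unanswered_count):
        r.on_first_message(f"192.0.2.{i % 250}:{i}", os.urandom(8))
    # A key-exchange message with a cookie the responder never issued is dropped.
    assert r.on_key_exchange("192.0.2.1:0", b"\0" * 8, b"\0" * 8, 5) is None
    # One genuine peer completes the exchange.
    cky_i = os.urandom(8)
    cky_r = r.on_first_message("198.51.100.7", cky_i)
    x = secrets.randbelow(GROUP_PRIME - 2) + 1
    result = r.on_key_exchange("198.51.100.7", cky_i, cky_r,
                               pow(GROUP_GEN, x, GROUP_PRIME))
    agreed = result is not None and pow(result[0], x, GROUP_PRIME) == result[1]
    return len(r.state), r.dh_exchanges, agreed

if __name__ == "__main__":
    print(simulate(1000))
```

The state table grows with every first message while the D-H counter moves only for the peer that returned the responder's cookie.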

