[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Man in the middle attack (draft-kaufman-ipsec-improveike-00.txt)?

To: ipsec@lists.tislabs.com
Subject: Man in the middle attack (draft-kaufman-ipsec-improveike-00.txt)?
From: kballou@quarrytech.com
Date: Mon, 16 Jul 2001 11:50:12 -0400
Sender: owner-ipsec@lists.tislabs.com

I'm sure I've missed something.

In section 7 (main mode with pre-shared keys), isn't
Alice's identity susceptible to a man-in-the-middle
attack?

Could Mallory impersonate Bob for the first two pairs
of messages, use the Diffie-Hellman key to learn Alice's
identity, and then not finish the protocol?  (Of course,
since Mallory doesn't know the pre-shared secret, he
can't fix up the third message to relay it to Bob even
with knowledge of Alice's identity.)

					- Ken

Prev by Date: Re: per-host keying
Next by Date: Re: I-D ACTION:draft-kaufman-ipsec-improveike-00.txt
Prev by thread: Re: I-D ACTION:draft-kaufman-ipsec-improveike-00.txt
Next by thread: Re: Man in the middle attack (draft-kaufman-ipsec-improveike-00.txt)?
Index(es):
- Main
- Thread