Re: Position statement on IKE development
Dear Marcus, Jeff and Steve,
May I make a suggestion given the seriousness of this?
Let's hold an international design competition to select a key
management protocol for IPSec in a manner similar to how NIST did
the AES selection (although I hope it takes less than 5 years).
Once we get to a final 5, then let's cryptanalyze them and select
the best one. In this manner hopefully we can avoid a 2nd debacle.
Sincerely,
- Alex Alten
At 09:33 PM 8/2/2001 -0400, Marcus Leech wrote:
>I'm sending the attached ASCII TEXT document on behalf of myself, Jeff
>Schiller, and Steve Bellovin, to clarify our position with respect to IKE
>development. It is our hope that it will clarify, to some extent, some
>fuzziness in this area that has evolved over the last year or so.
>
>In the several years since the standardization of the IPSEC protocols
>(ESP, AH, and ISAKMP/IKE), there have come to light several security
>problems with the protocols, most notably the key-agreement protocol,
>IKE. Formal and semi-formal analyses by Meadows, Schneier et al, and
>Simpson, have shown that the security problems in IKE stem directly
>from its complexity. It seems only a matter of time before more
>analyses show more serious security issues in the protocol design that
>stem directly from its complexity. It seems also, only a matter of
>time, before serious *implementation* problems become apparent, again
>due to the complex nature of the protocol, and the complex
>implementation that must surely follow.
...
>
>
>Marcus Leech (IESG)
>Jeff Schiller (IESG)
>Steve Bellovin (IAB)
>
--
Alex Alten
Alten@Home.Com