Re: Position statement on IKE development
Ferguson and Schneier suggested the same thing as an alternative to
design-by-committee, which they suggested was the source of problems with
IPsec and IKE. When I read this, I did not think it was a viable solution
because the IPsec and IKE requirements were so much more complex than AES.
I don't think their criticisms of IKE were ever addressed on this list,
though the points about AH and ESP were, as I recall.
Mark
At 10:04 PM 8/2/2001 -0700, Alex Alten wrote:
>Dear Marcus, Jeff and Steve,
>
>May I make a suggestion given the seriousness of this?
>
>Let's hold an international design competition to select a key
>management protocol for IPSec in a manner similar to how NIST did
>the AES selection (although I hope it takes less than 5 years).
>Once we get to a final 5, then let's cryptanalyze them and select
>the best one. In this manner hopefully we can avoid a 2nd debacle.
>
>Sincerely,
>
>- Alex Alten
>
>
>At 09:33 PM 8/2/2001 -0400, Marcus Leech wrote:
> >I'm sending the attached ASCII TEXT document on behalf of myself, Jeff
> >Schiller, and Steve Bellovin, to clarify our position with respect to IKE
> >development. It is our hope that it will clarify, to some extent, some
> >fuzziness in this area that has evolved over the last year or so.
> >
> >In the several years since the standardization of the IPSEC protocols
> >(ESP, AH, and ISAKMP/IKE), there have come to light several security
> >problems with the protocols, most notably the key-agreement protocol,
> >IKE. Formal and semi-formal analyses by Meadows, Schneier et al, and
> >Simpson, have shown that the security problems in IKE stem directly
> >from its complexity. It seems only a matter of time before more
> >analyses show more serious security issues in the protocol design that
> >stem directly from its complexity. It seems also, only a matter of
> >time, before serious *implementation* problems become apparent, again
> >due to the complex nature of the protocol, and the complex
> >implementation that must surely follow.
>
>...
>
> >
> >
> >Marcus Leech (IESG)
> >Jeff Schiller (IESG)
> >Steve Bellovin (IAB)
> >
>--
>
>Alex Alten
>
>Alten@Home.Com