[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Simplifying IKE
> > And what is the purpose of having different SAs to protect
> different flows?
> > (besides thwarting traffic analysis)
>
> Far from thwarting traffic analysis, I think that makes it
> easier. Having
> multiple SAs between two gateways gives an analyst more data.
> He or she
> can look at the data in the header that classifies packets by SA.
Sorry, I meant "traffic analysis" in the more general sense of analyzing
anything about the traffic flow, in this case specifically cryptanalysis of
the data stream. I originally did this in the ipsec-properties draft as well
until someone pointed out that it was vague. Is there a well-defined term
for this type of traffic analysis? "Data analysis"?
While I am personally in favour of sending all traffic down a single tunnel
(in most cases), I did think of one attack which could be thwarted by
separating traffic flows:
Imagine that an attacker can generate traffic on flow A behind a gateway and
read the encrypted traffic on the Internet; he now has the possibility of
doing a chosen-plaintext attack. If the gateway sends traffic across
multiple SAs, then cryptanalysis of the output stream for flow A will only
allow the attacker to crack the key for SA_A (which only protects traffic
which was generated by the attacker).
Andrew
-------------------------------------------
Upon closer inspection, I saw that the line
dividing black from white was in fact a shade
of grey. As I drew nearer still, the grey area
grew larger. And then I was enlightened.
Follow-Ups:
References: