
Re: Why can't ESP authenticate IP header?



> 
> >By allowing SA's to have a source address attribute and checking this
> >on receipt (as suggested by Steve Bellovin a long time ago).
> 
> Thanks for the info. Can the same trick be applied to AH, assuming AH does not 
> hash part of the IP header? Of course, AH includes more bits of the IP header 
> than just the source address.

Yes, the same "trick" can be applied - and even if AH does hash part of
the IP header!  In Solaris, we don't even run the HMAC if the source
doesn't match what's in the SA.

Consider this way-out corner case:

	- I have an inbound AH SA <dst=me, spi=0x9999, src = weirdo>

	- Machine "weirdo" sends me an IP datagram with src=other-guy, dst=me
	  with AH, and the cryptography checks out.

	- Because my inbound SA has src = weirdo, I reject the inbound AH
	  SA at SA lookup time.

If you have a need for a multi-sender SA (e.g. multicast), you should set src
= INADDR{,6}_ANY on your SAs.

> What confuses me is that ESP provides authentication similar to AH, but does 
> it in a different way.

Yes, it is confusing.  (There's much historical weirdness as to how this came
about.)

Dan


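The source-address check at SA lookup time that the reply describes, as an added C example that is not code from Solaris or from the poster; the toy keyed tag standing in for HMAC, the address values, the key bytes and the `SRC_ANY` wildcard (standing in for INADDR_ANY) are all assumptions made for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>

#define SRC_ANY 0u   /* stands in for INADDR_ANY: multi-sender SA (e.g. multicast) */

/* Inbound AH SA: keyed by <dst, spi>, with the source-address attribute the post describes. */
struct ah_sa  { uint32_t dst, spi, src; uint8_t key[8]; };
/* The parts of an AH-protected datagram this example looks at (toy; real AH covers more). */
struct ah_pkt { uint32_t src, dst, spi; uint8_t icv[4]; };

enum verdict { AH_OK, AH_NO_SA, AH_SRC_MISMATCH, AH_BAD_ICV };

static unsigned hmac_runs;   /* instrumentation: how often the ICV check actually ran */

/* Toy keyed tag standing in for HMAC (an assumption, not a real MAC): it exists only so
 * that a packet can be made to "check out" cryptographically in a demonstration. */
static void toy_tag(const struct ah_sa *sa, const struct ah_pkt *p, uint8_t out[4]) {
    uint32_t mix = p->src ^ (p->dst * 3u) ^ (p->spi * 7u);
    for (int j = 0; j < 4; j++)
        out[j] = sa->key[j] ^ sa->key[j + 4] ^ (uint8_t)(mix >> (8 * j));
}

static bool icv_ok(const struct ah_sa *sa, const struct ah_pkt *p) {
    uint8_t want[4], diff = 0;
    hmac_runs++;
    toy_tag(sa, p, want);
    for (int j = 0; j < 4; j++) diff |= (uint8_t)(want[j] ^ p->icv[j]);  /* constant-time compare */
    return diff == 0;
}

/* SA lookup by <dst, spi>; the source check happens here, before any cryptography runs. */
static const struct ah_sa *sa_lookup(const struct ah_sa *tab, size_t n,
                                     const struct ah_pkt *p, enum verdict *why) {
    for (size_t i = 0; i < n; i++) {
        if (tab[i].dst != p->dst || tab[i].spi != p->spi) continue;
        if (tab[i].src != SRC_ANY && tab[i].src != p->src) { *why = AH_SRC_MISMATCH; return NULL; }
        return &tab[i];
    }
    *why = AH_NO_SA;
    return NULL;
}

enum verdict ah_inbound(const struct ah_sa *tab, size_t n, const struct ah_pkt *p) {
    enum verdict why;
    const struct ah_sa *sa = sa_lookup(tab, n, p, &why);
    if (sa == NULL) return why;                 /* rejected at SA lookup time; HMAC never ran */
    return icv_ok(sa, p) ? AH_OK : AH_BAD_ICV;
}
```

With the SA <dst=me, spi=0x9999, src=weirdo> from the reply, a datagram from other-guy with a valid ICV is rejected as AH_SRC_MISMATCH without touching the HMAC, while an SA with src=SRC_ANY accepts any sender whose ICV verifies.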