[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: how Nonce payload be used to prevent replay attack

To: "'sleepy-cat@263.net'" <sleepy-cat@263.net>
Subject: RE: how Nonce payload be used to prevent replay attack
From: "Aronson, David" <daronson@cryptek.com>
Date: Mon, 15 Oct 2001 13:23:00 -0400
Cc: "'ipsec@lists.tislabs.com'" <ipsec@lists.tislabs.com>
Sender: owner-ipsec@lists.tislabs.com

dxh (sleepy-cat@263.net) writes:

 > I am not very clear about that. Are there anybody can 
 > explain it to me?
 > I will be very appreciative for your help.

The basic idea seems to be, "quote this number I just made up back to me, or
I won't believe you're really carrying on a session".  Someone simply
replaying old recorded packets won't be able to do that, because the old
stuff would have a different nonce.

-- 
Dave Aronson, Software Engineer, +1-571-434-2039 V, +1-571-434-2001 F.
Cryptek Secure Communications, 1501 Moran Rd., Sterling, VA 20166 USA.
Opinions above are MINE, ALL MINE -- but for rent at reasonable rates.

Follow-Ups:

Re: how Nonce payload be used to prevent replay attack

From: Sandeep Joshi <sandeepj@research.bell-labs.com>

Prev by Date: Re: DataStructure for Storing SPD,SA Entries
Next by Date: Re: DataStructure for Storing SPD,SA Entries
Prev by thread: simulation of IPSEC
Next by thread: Re: how Nonce payload be used to prevent replay attack
Index(es):
- Main
- Thread