[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: question about Nonce
The nonce provides a quick, non-cryptographic check to prevent not
only replay but also DoS attacks. The responder should not have to
perform any high-CPU operations (e.g. modexp) until the nonce (cookie)
reachability test has succeeded.
-derek
dxh <sleepy-cat@263.net> writes:
> I am not sure if the nonce in Phase One is the same as
> the one in Phase two. And I still can not see why there is
> need using nonce to prevent from replay attacking in Phase
> One. I think the Kes of DH exch can do this.
>
>
>
> Dong Xiaohu
>
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available
References: