
Re: Re: question about Nonce



Sorry, you are correct.  The cookie is reachability.  The nonces
are used to derive the session key.  The nonces should be used
ONLY ONCE.  This means that each phase-i and each phase-ii nonce
should be generated independently.

-derek

dxh <sleepy-cat@263.net> writes:

> you still did not tell if the nonce in phase one and the one in phase two is
> the same. And I think the cookie is not the nonce. It's cookie's reachability, not
> nonce's, that is tested.
> I am a newbie in security area. Maybe I miss your point. Would you give more
> detail?
> 
> 
> 
> you writes:
> >The nonce provides a quick, non-cryptographic check to prevent not
> >only replay but also DoS attacks.  The responder should not have to
> >perform any high-CPU operations (e.g. modexp) until the nonce (cookie)
> >reachability test has succeeded.
> >
> >-derek
> >
> >dxh <sleepy-cat@263.net> writes:
> >
> >> I am not sure if the nonce in Phase One is the same as 
> >> the one in Phase two. And I still can not see why there is 
> >> need using nonce to prevent from replay attacking in Phase 
> >> One. I think the Kes of DH exch can do this.
> >> 
> >> 
> >> 
> >> Dong Xiaohu
> >> 
> >
> >-- 
> >       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
> >       Member, MIT Student Information Processing Board  (SIPB)
> >       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
> >       warlord@MIT.EDU                        PGP key available
> 
>             Regards!
> 
>             dxh
>             sleepy-cat@263.net
> 

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available
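
Added illustration, not part of the original messages: a simplified responder sketch of the two points made in the thread, that the cheap cookie check runs before any modexp and that every exchange draws its own fresh nonces. The HMAC cookie construction, the toy DH group, the `derive_key` stand-in for the IKE prf, and all names and addresses are assumptions.

```python
import hashlib, hmac, os

P, G = 2**127 - 1, 3       # toy DH group for this demo only, far too small for real use
SECRET = os.urandom(32)    # responder-local cookie secret (assumed to be rotated)

def make_cookie(peer_ip, peer_port, secret=SECRET):
    """Stateless 8-byte cookie bound to the address the request claims to come from."""
    return hmac.new(secret, f"{peer_ip}|{peer_port}".encode(), hashlib.sha256).digest()[:8]

def fresh_nonce(size=16):
    """Called again for every phase-1 and phase-2 exchange; a nonce is never carried over."""
    return os.urandom(size)

def derive_key(shared_secret, n_i, n_r):
    """Simplified stand-in for the IKE prf: the key depends on both nonces."""
    return hmac.new(n_i + n_r, shared_secret.to_bytes(16, "big"), hashlib.sha256).digest()

class Responder:
    def __init__(self):
        self.x = int.from_bytes(os.urandom(15), "big") + 2   # DH private value
        self.modexp_calls = 0

    def key_exchange(self, peer_ip, peer_port, echoed_cookie, g_xi, n_i):
        # Cheap test first: one hash and a constant-time compare, no big-number maths.
        if not hmac.compare_digest(echoed_cookie, make_cookie(peer_ip, peer_port)):
            return None
        # Only a peer that proved reachability gets the expensive exponentiation.
        self.modexp_calls += 1
        n_r = fresh_nonce()
        return n_r, derive_key(pow(g_xi, self.x, P), n_i, n_r)

def demo():
    # Constructed sample exchange using documentation addresses.
    r = Responder()
    g_xi = pow(G, 123456789, P)
    cookie = make_cookie("192.0.2.10", 500)   # what the responder sent to the real peer
    # Same cookie presented from a different (spoofed) source address: dropped.
    spoofed = r.key_exchange("198.51.100.7", 500, cookie, g_xi, fresh_nonce())
    n_i = fresh_nonce()
    first = r.key_exchange("192.0.2.10", 500, cookie, g_xi, n_i)
    # Replaying the initiator's message still meets a fresh responder nonce.
    replay = r.key_exchange("192.0.2.10", 500, cookie, g_xi, n_i)
    return spoofed, first, replay, r.modexp_calls
```

The replayed message ends up with different key material because the responder's nonce is new each time, so nothing recorded from the earlier exchange is valid under the new key.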

