
Re: IKEv2 and SIGMA



Hugo Krawczyk <hugo@ee.technion.ac.il> writes:

> ESP specifications are defined to secure raw data, not functioning
> as an authentication mechanism in a key exchange protocol.

Actually, Hugo, if you step back and view "a key exchange protocol" as
"raw data", then ESP works perfectly well.  Keep in mind that this is
not ESP in the standard sense.  Rather, this is using the ESP packet
format with the key-exchange-protocol Security Association.

If you believe that the ESP packet format and transforms are secure,
then why not use them in other places, too?

This discussion is extremely similar to the one we had in KINK in
London regarding the re-use of IKE Phase-II Quick-Mode to negotiate
the IPsec SA parameters.  The point is to reuse the data formats and
as much of the state machine as possible, but using it in a different
context.

-derek
-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available

