[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: suggestion for JFK

To: "Angelos D. Keromytis" <angelos@cs.columbia.edu>
Subject: Re: suggestion for JFK
From: Dan Harkins <dharkins@SailPix.com>
Date: Wed, 12 Dec 2001 08:40:27 -0800
Cc: ipsec@lists.tislabs.com
In-Reply-To: Your message of "Tue, 11 Dec 2001 20:11:17 EST." <200112120111.fBC1BHKo030085@coredump.cs.columbia.edu>
Sender: owner-ipsec@lists.tislabs.com

> Except that adding the IP in the HMAC doesn't help you in getting more
> information for syslog purposes --- you can verify that you didn't
> give the HMAC to the IP address that it claims it came from, but you
> don't know who you gave it to (unless you keep state after Msg 1).

Upon receipt of message 3 the token has to be checked for correctness.
That is, upon receipt of message 3 the nonces and exponentials are
run through the HMAC keyed with HKr and the result is checked against
the token. Only if the two match do you try to decrypt the following
encrypted data. This check has to be done regardless, right?

If the addresss is included and token is corrrect but the encrypted data
is garbage you will know who sent you the garbage. If you don't include
the IP address all you know is you got garbage.

You don't need to keep any state after message 1.

> As for the NAT case, s/NAT/mobility or SCTP or multi-homed hosts or...

JFK will be creating an outbound IPsec SA to that IP address anyway.
Why does binding that IP address to the exchange that created the key
break things?

  Dan.

Follow-Ups:

Re: suggestion for JFK

From: "Angelos D. Keromytis" <angelos@cs.columbia.edu>

References:

Re: suggestion for JFK

From: "Angelos D. Keromytis" <angelos@cs.columbia.edu>

Prev by Date: Re: IKEv2 and NAT traversal
Next by Date: Re: suggestion for JFK
Prev by thread: Re: suggestion for JFK
Next by thread: Re: suggestion for JFK
Index(es):
- Main
- Thread