[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Choosing between IKEv2 and JFK

To: Dan Harkins <dharkins@tibernian.com>
Subject: Re: Choosing between IKEv2 and JFK
From: Eric Rescorla <ekr@rtfm.com>
Date: 12 Mar 2002 17:24:38 -0800
Cc: ipsec@lists.tislabs.com
In-Reply-To: Dan Harkins's message of "Tue, 12 Mar 2002 17:13:09 -0800"
References: <200203130113.g2D1D9D00446@fatty.lounge.org>
Reply-to: EKR <ekr@rtfm.com>
Sender: owner-ipsec@lists.tislabs.com

Dan Harkins <dharkins@tibernian.com> writes:
> Caching authenticator blobs and blacklisting the naughty ones will not
> stop this attack.
Right, I see your point. I'd forgotten about the cookie pre-fetch
phase. 

I agree that this attack exists with JFK and not with IKEv2. I'm not
sure how serious it really is, but it seems like it would be easy to
stop. JFK guys, do you have some reason not to include the initiators
IP in the authenticator?

-Ekr

-- 
[Eric Rescorla                                   ekr@rtfm.com]
                http://www.rtfm.com/

References:
- Re: Choosing between IKEv2 and JFK
  - From: Dan Harkins <dharkins@tibernian.com>

Prev by Date: Re: Choosing between IKEv2 and JFK
Next by Date: RE: Remove SHOULD for elliptic curve groups in IKEv2
Prev by thread: Re: Choosing between IKEv2 and JFK
Next by thread: RE: Choosing between IKEv2 and JFK
Index(es):
- Date
- Thread