[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [mobile-ip] Re: replacing IPsec's replay protection?

To: Jari Arkko <jari.arkko@kolumbus.fi>
Subject: Re: [mobile-ip] Re: replacing IPsec's replay protection?
From: Uri Blumenthal <uri@bell-labs.com>
Date: Thu, 4 Apr 2002 13:07:31 -0500
Cc: Michael Thomas <mat@cisco.com>, ipsec@lists.tislabs.com, marcovici@lucent.com, Black_David@emc.com
In-Reply-To: <3CAB39E1.7090902@kolumbus.fi>
Organization: Lucent Technologies / Bell Labs
Original-Cc: Michael Thomas <mat@cisco.com>, ipsec@lists.tislabs.com, marcovici@lucent.com, Black_David@emc.com
References: <416B5AF360DED54088DAD3CA8BFBEA6E1DF1A4@TNEXVS02.tahoenetworks.com> <200204031734.MAA27006@nwmail.wh.lucent.com> <3CAB39E1.7090902@kolumbus.fi>
Reply-To: uri@bell-labs.com
Sender: owner-ipsec@lists.tislabs.com

On Wednesday 03 April 2002 12:20, Jari Arkko wrote:
 > > The description of the problem to solve seemed to be:
 > >
 > > 1. IPsec is preferred as protection mechanism, but
 > > 2. SA is established via IKEv1 and people don't want to pay this
 > > price. 3. So a lightweight "compact" protocol for establishing SA
 > > is needed, 4. but it must be defined as two peers must know how to
 > > negotiate.
 >
 > Uri, I'm not sure this was exactly the problem description. I'm
 > sure lots of people are willing to pay the price. 

Well, for those who're willing to use "full-power" of IKE (whatever 
version) - there is no problem, clearly.

 >The problem was
 > more about whether those folks who use manual keying would (a) be
 > vulnerable to replay attacks or (b) the existing application layer
 > sequence# would be used to protect also against this, even across
 > reboots.

For these folks, perhaps a semi-protocol that does session key 
establishment might be good.

Perhaps something like an "snmpEngineBoots" counter can be kept in 
NVRAM... 32 bits - not overly high cost even per-node.

 > While the subject of new key management protocols is very interesting
 > and even some new work might be useful there, I'm not sure the MIPv6
 > case is the right application. There, we'd much rather use whatever
 > the mainstream internet key management protocol happens to be at any
 > specific time. I also think it is realistic to assume some folks will
 > be using manual keys, and could potentially expose themselves to
 > replay attacks. But that's fine as long those folks have been warned
 > about it.

Point taken.
-- 
Regards,
Uri
-=-=-<>-=-=-
<Disclaimer>

References:
- Re: [mobile-ip] Re: replacing IPsec's replay protection?
  - From: Uri Blumenthal <uri@bell-labs.com>
- Re: [mobile-ip] Re: replacing IPsec's replay protection?
  - From: Jari Arkko <jari.arkko@kolumbus.fi>

Prev by Date: Re: [mobile-ip] Re: replacing IPsec's replay protection?
Next by Date: Re: [mobile-ip] Re: replacing IPsec's replay protection?
Prev by thread: Re: [mobile-ip] Re: replacing IPsec's replay protection?
Next by thread: Re: [mobile-ip] Re: replacing IPsec's replay protection?
Index(es):
- Date
- Thread