[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [mobile-ip] Re: replacing IPsec's replay protection?
On Wednesday 03 April 2002 12:20, Jari Arkko wrote:
> > The description of the problem to solve seemed to be:
> >
> > 1. IPsec is preferred as protection mechanism, but
> > 2. SA is established via IKEv1 and people don't want to pay this
> > price. 3. So a lightweight "compact" protocol for establishing SA
> > is needed, 4. but it must be defined as two peers must know how to
> > negotiate.
>
> Uri, I'm not sure this was exactly the problem description. I'm
> sure lots of people are willing to pay the price.
Well, for those who're willing to use "full-power" of IKE (whatever
version) - there is no problem, clearly.
>The problem was
> more about whether those folks who use manual keying would (a) be
> vulnerable to replay attacks or (b) the existing application layer
> sequence# would be used to protect also against this, even across
> reboots.
For these folks, perhaps a semi-protocol that does session key
establishment might be good.
Perhaps something like an "snmpEngineBoots" counter can be kept in
NVRAM... 32 bits - not overly high cost even per-node.
> While the subject of new key management protocols is very interesting
> and even some new work might be useful there, I'm not sure the MIPv6
> case is the right application. There, we'd much rather use whatever
> the mainstream internet key management protocol happens to be at any
> specific time. I also think it is realistic to assume some folks will
> be using manual keys, and could potentially expose themselves to
> replay attacks. But that's fine as long those folks have been warned
> about it.
Point taken.
--
Regards,
Uri
-=-=-<>-=-=-
<Disclaimer>