
Initiator exposes DOS attack for IKEv2?



Hi all,

Hopefully, I do not misunderstand the draft in this DoS attack scenario.
Any input is welcome.

Assume the Initiator creates the Diffie-Hellman group x public key and
sends the KE payload to the responder in the IKE_SA_INIT exchange. The
responder does not like this group x DH. It should respond with
"INVALID_KE_PAYLOAD" indicating the correct DH group (see 2.7). Since
the IKE_SA_INIT exchange is a clear-text exchange, it is possible that a
third party acts as the responder and replies with this
"INVALID_KE_PAYLOAD" to each of the initiator's requests.

This causes the initiator to keep changing the DH group and re-sending
the KE payload that the responder wants.

We know DH calculation is very CPU-intensive. The Initiator system can
suffer a very bad DoS attack in this scenario. Any comments?

Thanks,

Tom Hu
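
An initiator-side guard for the scenario raised in the message above, as an added example that is not part of the original post or of any IKEv2 implementation: it caps retries per exchange, ignores suggested groups the initiator never proposed, and computes each group's key pair at most once. `KeRetryGuard`, `simulate_flood`, the retry limit and the placeholder key generator are assumptions made for illustration.

```python
import struct

INVALID_KE_PAYLOAD = 17  # IKEv2 Notify message type; data is a 2-octet DH group number


class KeRetryGuard:
    """Hypothetical initiator policy for unauthenticated INVALID_KE_PAYLOAD replies."""

    def __init__(self, proposed_groups, max_retries=2, keygen=None):
        self.proposed = list(proposed_groups)  # DH groups offered in our SA payload
        self.max_retries = max_retries         # assumed local limit, not from the draft
        # Placeholder for the real (expensive) DH key generation.
        self.keygen = keygen or (lambda g: f"keypair-for-group-{g}")
        self.cache = {}                        # group -> key pair, computed once
        self.retries = 0
        self.keygen_calls = 0                  # counts expensive operations

    def keypair(self, group):
        if group not in self.cache:
            self.keygen_calls += 1
            self.cache[group] = self.keygen(group)
        return self.cache[group]

    def on_notify(self, notify_type, data):
        """Return the group to retry with, or None to drop the notification."""
        if notify_type != INVALID_KE_PAYLOAD or len(data) != 2:
            return None                        # wrong type or malformed data
        (group,) = struct.unpack("!H", data)
        if group not in self.proposed:
            return None                        # never switch to a group we did not offer
        if self.retries >= self.max_retries:
            return None                        # retry budget for this exchange is spent
        self.retries += 1
        self.keypair(group)                    # cached, so repeats cost nothing
        return group


def simulate_flood(guard, groups):
    """Feed constructed spoofed notifications; return the groups actually retried."""
    accepted = []
    for g in groups:
        result = guard.on_notify(INVALID_KE_PAYLOAD, struct.pack("!H", g))
        if result is not None:
            accepted.append(result)
    return accepted
```

With this policy the number of DH computations is bounded by the number of groups the initiator proposed, regardless of how many notifications arrive.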