On a hybrid authentication mode for IKE
Kanta Matsuura <kanta@hideki.iis.u-tokyo.ac.jp> Fri, 25 June 1999 15:23 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id IAA00405; Fri, 25 Jun 1999 08:23:21 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id JAA23666 Fri, 25 Jun 1999 09:29:25 -0400 (EDT)
Message-Id: <9906250320.AA02014@Ichiko.imailab.iis.u-tokyo.ac.jp>
From: Kanta Matsuura <kanta@hideki.iis.u-tokyo.ac.jp>
Date: Fri, 25 Jun 1999 12:20:04 +0900
To: ipsec@lists.tislabs.com
Cc: kanta@hideki.iis.u-tokyo.ac.jp
Subject: On a hybrid authentication mode for IKE
MIME-Version: 1.0
X-Mailer: AL-Mail 1.32
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
Dear friends,
I'd like to make a comment on
draft-ietf-ipsec-isakmp-hybrid-auth-02.txt
(A Hybrid Authentication Mode for IKE).
In the 6th section, the document says that
protection against DoS is not provided.
My comment is that, since the Hybrid Authentication Mode
uses Signature Mode of IKE first,
a modified mode of it (draft-matsuura-sign-mode-00.txt)
would be a better solution.
The idea is the use of intermediate random fresh value
as an additional input to the HASH payload in the ack message
from the client; if the client (maybe a DoS attacker) does not
follow the protocol (i.e. skip the verification of the responder's
signature), he/she cannot produce the correct HASH, which is
efficiently (<-- hashing is inexpensive computation)
detected by the responder.
Thanks,
---- **** ----
Kanta MATSUURA, Ph.D.
Lecturer
3rd Department,
Institute of Industrial Science, University of Tokyo,
Roppongi 7-22-1, Minato-ku, Tokyo 106-8558, JAPAN
Tel: +81-3-3402-6231 (ext. 2325)
Fax: +81-3-3479-1736
E-Mail: kanta@iis.u-tokyo.ac.jp
- On a hybrid authentication mode for IKE Kanta Matsuura
- Re: On a hybrid authentication mode for IKE Tamir Zegman
- Re: On a hybrid authentication mode for IKE Kanta Matsuura