Re: Phase 1 Re-keying Implementation Identification
Dan Harkins <dharkins@network-alchemy.com> Wed, 24 November 1999 03:12 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id TAA23433; Tue, 23 Nov 1999 19:12:11 -0800 (PST)
Received: by lists.tislabs.com (8.9.1/8.9.1) id UAA27873 Tue, 23 Nov 1999 20:47:54 -0500 (EST)
Message-Id: <199911240148.RAA22752@potassium.network-alchemy.com>
To: Tero Kivinen <kivinen@ssh.fi>
cc: Valery Smyslov <svan@trustworks.com>, tytso@mit.edu, pkoning@xedia.com, akrywaniuk@TimeStep.com, ipsec@lists.tislabs.com
Subject: Re: Phase 1 Re-keying Implementation Identification
In-reply-to: Your message of "Wed, 24 Nov 1999 02:42:24 +0200." <199911240042.CAA06661@torni.ssh.fi>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <22749.943408084.1@network-alchemy.com>
Date: Tue, 23 Nov 1999 17:48:04 -0800
From: Dan Harkins <dharkins@network-alchemy.com>
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
<commercial advertisement> Note that this is the technique used in CRACK. So CRACK will also authenticate all optional payloads as well as the outer ISAKMP header. </commercial advertisement> If the attacker changes the responder's selection the exchange will fall apart due to the different sides having different attributes of the negotiated SA. Either the hash will be different, or the encryption algorithm, or the D-H public value, etc. but the exchange should fall apart in this case. Dan. On Wed, 24 Nov 1999 02:42:24 +0200 you wrote > Valery Smyslov writes: > > > The good thing about the SA payloads are that they are authenticated, > > > so attacker cannot remove the features, as they can when you are using > > > the vendor id payloads. > > But attacker can always change responder's selection, because SAr is > > not explicitly authenticated in IKE. > > True. I forgot that one. I just submitted a draft that will also that > problem (it will also fix the original problem that vendor id payloads > are not authenticated). > > Here is a copy of that draft: > ---------------------------------------------------------------------- > IP Security Protocol Working Group (IPSEC) T. Kivinen > INTERNET-DRAFT SSH Communications Security > draft-ietf-ipsec-ike-hash-revised-00.txt 23 November 1999 > Expires: 23 May 2000 [snip]
- Phase 1 Re-keying Implementation Identification Tim Jenkins
- RE: Phase 1 Re-keying Implementation Identificati… Tim Jenkins
- Re: Phase 1 Re-keying Implementation Identificati… Slava Kavsan
- Re: Phase 1 Re-keying Implementation Identificati… Will Price
- RE: Phase 1 Re-keying Implementation Identificati… Tim Jenkins
- Re: Phase 1 Re-keying Implementation Identificati… Ben McCann
- RE: Phase 1 Re-keying Implementation Identificati… Tim Jenkins
- Re: Phase 1 Re-keying Implementation Identificati… Slava Kavsan
- RE: Phase 1 Re-keying Implementation Identificati… Tero Kivinen
- Re: Phase 1 Re-keying Implementation Identificati… Scott G. Kelly
- RE: Phase 1 Re-keying Implementation Identificati… Tim Jenkins
- Re: Phase 1 Re-keying Implementation Identificati… Mike Carney
- RE: Phase 1 Re-keying Implementation Identificati… Saint-Hilaire, Ylian
- Re: Phase 1 Re-keying Implementation Identificati… Paul Koning
- Re: Phase 1 Re-keying Implementation Identificati… Mike Carney
- Re: Phase 1 Re-keying Implementation Identificati… Scott G. Kelly
- RE: Phase 1 Re-keying Implementation Identificati… Andrew Krywaniuk
- RE: Phase 1 Re-keying Implementation Identificati… Tero Kivinen
- Re: Phase 1 Re-keying Implementation Identificati… Michael Richardson
- Re: Phase 1 Re-keying Implementation Identificati… Dan Harkins
- RE: Phase 1 Re-keying Implementation Identificati… Tim Jenkins
- RE: Phase 1 Re-keying Implementation Identificati… Tim Jenkins
- Re: Phase 1 Re-keying Implementation Identificati… Scott G. Kelly
- RE: Phase 1 Re-keying Implementation Identificati… Andrew Krywaniuk
- RE: Phase 1 Re-keying Implementation Identificati… Paul Koning
- Re: Phase 1 Re-keying Implementation Identificati… Dan Harkins
- RE: Phase 1 Re-keying Implementation Identificati… Tero Kivinen
- RE: Phase 1 Re-keying Implementation Identificati… Scott Fanning
- RE: Phase 1 Re-keying Implementation Identificati… Andrew Krywaniuk
- RE: Phase 1 Re-keying Implementation Identificati… Paul Hoffman
- Re: Phase 1 Re-keying Implementation Identificati… Ben McCann
- Re: Phase 1 Re-keying Implementation Identificati… Ben McCann
- RE: Phase 1 Re-keying Implementation Identificati… Tim Jenkins
- RE: Phase 1 Re-keying Implementation Identificati… Tim Jenkins
- RE: Phase 1 Re-keying Implementation Identificati… Paul Koning
- Re: Phase 1 Re-keying Implementation Identificati… tytso
- Re: Phase 1 Re-keying Implementation Identificati… Tero Kivinen
- RE: Phase 1 Re-keying Implementation Identificati… Andrew Krywaniuk
- Re: Phase 1 Re-keying Implementation Identificati… Valery Smyslov
- Re: Phase 1 Re-keying Implementation Identificati… Paul Koning
- Re: Phase 1 Re-keying Implementation Identificati… tytso
- Re: Phase 1 Re-keying Implementation Identificati… Ben McCann
- Re: Phase 1 Re-keying Implementation Identificati… Tero Kivinen
- Re: Phase 1 Re-keying Implementation Identificati… Dan Harkins
- Re: Phase 1 Re-keying Implementation Identificati… Tero Kivinen
- Fixing IKE Phase 1 Authentication HASH Valery Smyslov
- Fixing IKE Phase 1 Authentication HASH Tero Kivinen
- Re: Fixing IKE Phase 1 Authentication HASH Valery Smyslov