Re: peer address protection

[Charlie_Kaufman@notesdev.ibm.com]

Francis.Dupont@enst-bretagne.fr wrote:

> Peer addresses (as defined in draft-ietf-ipsec-pki-profile-01.txt) are
> not protected in IKE (not always in IKEv1, not at all in IKEv2 with
> revised identities). This opens a security hole, not against IKE itself,
> but using IKE to divert traffic (i.e., not a property we'd like for a
> security protocol).
>  The I-D editor has just announced the new version of my I-D about
> the transient pseudo-NAT attack and its application to Mobile IPv4
> (documented in the security section of the NAT traversal extension)
> and to IKE... Its name is draft-dupont-transient-pseudonat-01.txt.
>  I believe we should fix the issue (the security flaw) for the next
> version of the IKEv2 document.

Please take a look at draft-ietf-ipsec-ikev2-04.txt. As part of NAT
traversal, there is a new mechanism for sending protected peer addresses.
It does not, however, specify any algorithms for using that information
to protect against the kinds of attacks you're worried about. I
haven't read your I-D (but I will). I believe the really hard problem
for us to solve is how to protect against pseudo-NAT attacks while
supporting real NATs given that NATs are generally not capable of
providing any cryptographic authentication.

          --Charlie

Opinions expressed may not even be mine by the time you read them, and
certainly don't reflect those of any other entity (legal or otherwise).