[IPsec] Please review draft-ietf-ipsecme-aes-ctr-ikev2-05.txt

Tero Kivinen <kivinen@iki.fi> Thu, 04 March 2010 11:47 UTC

Paul Hoffman writes:
> Based on Pasi's AD review, the authors significantly shortened the
> document. It seems prudent to have the WG review the new, shorter
> version. In particular, it would be good for developers to look at
> the new short document and see if it is complete enough to implement
> from. 
> 
> This review cycle will end in a week, but please do the review early
> in case problems are found. 

The draft looks good, but I would clarify the security considerations
section a bit. Now it says:

   Security considerations explained in section 7 of [RFC3686] are
   entirely relevant for this draft also.  The security considerations
   on fresh keys and integrity protection in section 7 of [RFC3686] are
   totally applicable on using AES-CTR in IKEv2; see [RFC3686] for
   details.  Due to this reasons, static keys are never used for the IKE
   SA and the IKE_SA always uses integrity protection.

The last paragraph is a bit misleading, as there is no way static keys
can be used in IKE SA at all, and this is not because of the issues of
AES-CTR. Also, integrity protection is already mandatory for IKEv2 IKE
SA regardless of whether AES-CTR is used or not. It would be better to
replace the last sentence with:

   As static keys are never used in IKEv2 for IKE_SA and integrity
   protection is mandatory for IKE_SA, these issues are not applicable
   for AES-CTR in IKEv2 when protecting IKE_SA.
-- 
kivinen@iki.fi