Re: SNMPv2 security
Keith McCloghrie <kzm@hls.com> Tue, 01 February 1994 05:26 UTC
Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa29714; 1 Feb 94 0:26 EST
Received: from CNRI.RESTON.VA.US by IETF.CNRI.Reston.VA.US id aa29709; 1 Feb 94 0:26 EST
Received: from relay.tis.com by CNRI.Reston.VA.US id aa24285; 1 Feb 94 0:26 EST
Received: by relay.tis.com; id AA08726; Tue, 1 Feb 94 00:05:16 EST
Received: from magellan.tis.com(192.33.112.124) by relay via smap (V1.0mjr) id sma008715; Tue Feb 1 00:04:16 1994
Received: from magellan.tis.com by magellan.TIS.COM id aa25931; 31 Jan 94 23:57 EST
Received: from sol.tis.com by magellan.TIS.COM id aa25924; 31 Jan 94 23:45 EST
Received: from relay.tis.com by tis.com (4.1/SUN-5.64) id AA04852; Mon, 31 Jan 94 23:44:39 EST
Received: by relay.tis.com; id AA08560; Mon, 31 Jan 94 23:45:11 EST
Received: from lanslide.hls.com(129.47.1.8) by relay via smap (V1.0mjr) id sma008552; Mon Jan 31 23:44:50 1994
Received: from nms.hls.com by lanslide.hls.com (4.1/SMI-4.0) id AA05153; Mon, 31 Jan 94 20:37:57 PST
Received: by nms.hls.com (4.1/SMI-4.1) id AA14474; Mon, 31 Jan 94 20:07:38 PST
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Keith McCloghrie <kzm@hls.com>
Message-Id: <9402010407.AA14474@nms.hls.com>
Subject: Re: SNMPv2 security
To: Julie Tarr <tarr@itd.nrl.navy.mil>
Date: Mon, 31 Jan 1994 20:07:37 -0700
Cc: kasten@ftp.com, hale@itd.nrl.navy.mil, snmp@psi.com, snmpv2@magellan.tis.com
In-Reply-To: <9401311823.AA12951@itd.nrl.navy.mil>; from "Julie Tarr" at Jan 31, 94 1:23 pm
Organization: Hughes LAN Systems
X-Mailer: ELM [version 2.2 PL0]
> There are two reasons to change keys in a cryptographic system - 1) The old > key has been compromised, and 2) to protect them from a > cryptanalysis threat. In SNMPv2, there is a third reason: to allow the clock to be reset without allowing all previous messages to be replayed. > In the first case, neither the XOR scheme or using DES > with the old key will work. In the second case, the idea is to > limit the amount of time the > cryptanalysist has to break the keys. When you XOR the old key with the new > key, you are providing no protection from the cryptanalysist! The "linear" (as someone else called it) change of XOR-ing the keys can have two impacts: 1. it doesn't make the cryptanalyst's job any easier, it could make no difference, or (my guess) it could make it at least a little harder, although the amount by which it is harder may be negligible, I don't know. 2. without the XOR, the cryptanalyst can work from any subset of the messages; with XORs, the cryptanalyst must capture all the packets to/from that agent, inspect them all for a) SetRequests which modify partyAuthPriv, and b) the matching Response messages to make sure that the identified SetRequests were successful, etc., and then factor the changes into the calculations. Wouldn't you say that make the job a bit harder ? > If you don't think you need to provide protection > from a cryptanalysist - then why change keys? Primarily, for the third reason above. Secondarily, to make the crpytanalyst's job at least a little harder. > In the proposed SNMPv2 system, the only way to provide secure key distribution > is to create a desPriv/md5Auth party that is used only to send the keys of the > other parties. The keys of this party, however, would have to be updated > manually. Certainly, for those who want protection from cryptanalytic attack. For those who want protection from occasional snoopers, the use of XOR may be sufficient. Keith.
- Re: SNMPv2 security Frank Kastenholz
- Re[2]: SNMPv2 security cyoung
- Re: SNMPv2 security Frank Kastenholz
- Re: SNMPv2 security Frank Kastenholz
- Re: SNMPv2 security uri
- Re: SNMPv2 security uri
- Re: SNMPv2 security Frank Kastenholz
- Re: SNMPv2 security Julie Tarr
- Re: SNMPv2 security Keith McCloghrie
- Re: SNMPv2 security Julie Tarr
- Re: SNMPv2 security Sath. Nelakonda
- Re: SNMPv2 security michael (m.) sam chee