<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: Allan Latham <alatham,AT,flexsys-group,DOT,com>
Subject: Re: Replays - thoughts on Gutmann response
From: Sandino Araico Sanchez <sandino,AT,sandino,DOT,net>
Date: Tue, 07 Oct 2003 18:36:31 -0500
Cc: cipe-l,AT,inka,DOT,de
In-reply-to: <200309261016.46517.alatham@flexsys-group.com>
References: <944775566166B64B9A2DD5EE0159B5CDBA2A@europa.directory.futurefoundations.com> <1064557595.7652.134.camel@monster.omnifarious.org> <200309261016.46517.alatham@flexsys-group.com>

Allan Latham wrote:

If that were all, my opinion would be that we don't have a replay problem with CIPE. Unfortunately there are some concerns:

1. ICMP and UDP traffic could possibly be replayed to cause a DOS attack.
2. Key exchange replays may allow an attacker to force CIPE to use the static key or an already cracked dynamic key.

I hope to cover the whole subject of how to harden key exchange later.

If we use TCP instead of UDP for key exchange the replay problem can be worked around and there's no performance impact since there's no TCP over TCP encapsulation in key exchange.

There's lower complexity using UDP exclusively for traffic and TCP exclusively for key exchange since we don't need to find out if the received UDP package contains a package or a key. When we are sure no UDP package contains a key we just need to check integrity, decrypt the encapsulated package and pass it to the upper layer so the process is simplified.

Sandino Araico Sánchez
-- Lo que no mata engorda.

<< | Thread Index | >> ]    [ << | Date Index | >> ]