Re: Attacks on IPsec
From: Gregory G Rose (ggr_at_qualcomm.com)
Date: 05/18/05
- Next message: Eric Cordian: "Re: Public disclosure of discovered vulnerabilities"
- Previous message: Gregory G Rose: "Re: Public disclosure of discovered vulnerabilities"
- In reply to: David Wagner: "Re: Attacks on IPsec"
- Next in thread: David Wagner: "Re: Attacks on IPsec"
- Reply: David Wagner: "Re: Attacks on IPsec"
- Reply: Mike Amling: "Re: Attacks on IPsec"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 17 May 2005 22:20:05 -0700
In article <d6e6em$2d3e$3@agate.berkeley.edu>,
David Wagner <daw-usenet@taverner.cs.berkeley.edu> wrote:
>Kevin Drapel wrote:
>>One attack apply on certain configurations of IPsec with ESP in tunnel
>>mode, enabled encryption but disabled integrity check. Another also
>>applies to AH with some special settings. The attacker can retrieve
>>some plaintext data using the ICMP messages.
>>
>>http://www.uniras.gov.uk/niscc/docs/al-20050509-00386.html?lang=en
>
>Huh? I confess I don't understand this vulnerability report. I thought
>IPSec made integrity mandatory for the usual modes of operation,
>ever since Bellovin's seminal Usenix Security paper. Certainly there
Oh, yes, if you use ESP, it automatically has
integrity protection. But it's perfectly allowable
to negotiate the NULL integrity algorithm.
My point from a couple of days ago, exactly.
Greg.
-- Greg Rose 232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C Qualcomm Australia: http://www.qualcomm.com.au
- Next message: Eric Cordian: "Re: Public disclosure of discovered vulnerabilities"
- Previous message: Gregory G Rose: "Re: Public disclosure of discovered vulnerabilities"
- In reply to: David Wagner: "Re: Attacks on IPsec"
- Next in thread: David Wagner: "Re: Attacks on IPsec"
- Reply: David Wagner: "Re: Attacks on IPsec"
- Reply: Mike Amling: "Re: Attacks on IPsec"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
