Firewall Wizards mailing list archives
Re: Possibility of replay attacks in manually keyed IPsec?
From: Mikael Olsson <mikael.olsson () enternet se>
Date: Tue, 07 Dec 1999 09:40:33 +0100
So, the reason I'm hearing rumors about replay attacks against IPsec is probably because IPsec didn't use to utilize sequence number fields? (Which it does today)

That floats my boat. Could also go a long way towards explaining why I've never seen this demonstrated to me, but only heard it through "rumours".

Thanks
/Mike

Rick Smith wrote:
The original version of IPSEC was vulnerable to replay attacks, but the revised IPSEC incorporates features to detect and reject replayed packets. The use of nonces in IKE should prevent replay, assuming the nonces are appropriately random. The use of anti replay features in the latest IPSEC should likewise prevent successful replay attacks.
--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46 (0)660 105 50  Fax: +46 (0)660 122 50  Mobile: +46 (0)70 248 00 33
WWW: http://www.enternet.se  E-mail: mikael.olsson () enternet se
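
The sequence-number anti-replay check discussed in this message, as an added example that is not part of the original post and not taken from any IPsec implementation: a receiver-side sliding-window check in C. The struct, the function names and the 32-packet window are assumptions for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define REPLAY_WINDOW 32u /* assumed window size: one bit per packet */

/* Hypothetical per-SA receiver state (illustrative names). */
struct replay_state {
    uint32_t highest; /* highest sequence number accepted so far */
    uint32_t bitmap;  /* bit i set => (highest - i) was already accepted */
};

/* Call only after the packet's integrity check has passed.
 * Returns true and records seq if it is new; false if replayed or too old. */
bool replay_check_and_update(struct replay_state *st, uint32_t seq)
{
    if (seq == 0)
        return false; /* counters start at 1 in this sketch */
    if (seq > st->highest) { /* new right edge: slide the window */
        uint32_t shift = seq - st->highest;
        st->bitmap = (shift >= REPLAY_WINDOW) ? 0 : (st->bitmap << shift);
        st->bitmap |= 1u;
        st->highest = seq;
        return true;
    }
    uint32_t offset = st->highest - seq;
    if (offset >= REPLAY_WINDOW)
        return false; /* left of the window: cannot be judged, drop */
    if (st->bitmap & (1u << offset))
        return false; /* bit already set: replay */
    st->bitmap |= 1u << offset; /* late arrival, but first time seen */
    return true;
}

/* Runs a constructed arrival order through a fresh SA; returns packets accepted. */
size_t count_accepted(const uint32_t *seqs, size_t n)
{
    struct replay_state st = {0, 0};
    size_t ok = 0;
    for (size_t i = 0; i < n; i++)
        if (replay_check_and_update(&st, seqs[i]))
            ok++;
    return ok;
}
```

For the constructed arrival order 1, 2, 3, 2, 5, 4, 5, 40, 8, 9, 40, the duplicates (2, 5, 40) and the packet that has fallen out of the window (8) are dropped, while the reordered but new packets (4, 9) are accepted.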