[prev in list] [next in list] [prev in thread] [next in thread]
List: netbsd-tech-net
Subject: Re: why is SA lifetime kilobyte limit disabled in racoon?
From: Steven Bellovin <smb () cs ! columbia ! edu>
Date: 2011-05-23 21:31:19
Message-ID: 54BE3BE7-C43C-4AE0-9E0E-8BB830917574 () cs ! columbia ! edu
[Download RAW message or body]
On May 23, 2011, at 4:26 05PM, Matthias Drochner wrote:
>
> smb@cs.columbia.edu said:
>>> At least it
>>> would be a help to fingerprint the OS or estimate uptime.
>> Depends on how you pick the starting point.
>
> OK, not for the fingerprint -- the mere fact that there is a simple
> counter tells something about the OS and perhaps the byteorder.
> But there is another argument for a random start value which is
> to protect those who don't read manuals and use the cipher
> with a static key. Hope that they don't reboot that often that
> birthday paradox strikes again:-)
That's why I really dislike counter mode -- it's too easy to make a
serious mistake with it...
>
>> But you've given another reason why they don't specify it: having
>> one counter per system, rather than one per SA, is perfectly acceptable
>> if you rekey at the right time.
>
> Actually, the reason that I didn't suggest a per-system counter
> wasn't that I'm concerned about overflow.
> One is that for an API which accomodates everyone (including the
> paranoid), some per-SA state will be needed anyway. I'm more
> concerned about a sustaining API, and like to leave crypto
> things to those who know more.
> And the other is that a global counter would not only leak information
> about the system as such but also about the activity of other ipsec
> connections. I can't imagine that this would be acceptable for eg a
> corporate tunnel endpoint.
Sorry, I misinterpreted your comment -- you had spoken about a new API
for per-SA state, so I assumed you meant instead of the current global
state.
--Steve Bellovin, https://www.cs.columbia.edu/~smb
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic