[13688] in cryptography@c2.net mail archive


Re: authentication and ESP

daemon@ATHENA.MIT.EDU (Sandy Harris)
Sun Jun 22 23:45:15 2003

X-Original-To: cryptography@metzdowd.com
Date: Mon, 23 Jun 2003 10:12:39 +0800
From: Sandy Harris <sandy@storm.ca>
To: cryptography@metzdowd.com

John S. Denker wrote:
> On 06/19/2003 01:49 PM, martin f krafft wrote:
>  > As far as I can tell, IPsec's ESP has the functionality of
>  > authentication and integrity built in:
> 
> It depends on what you mean by "built in".
>  1) The RFC provides for ESP+authentication but
> does not require ESP to use authentication.
>  2) Although the RFC allows ESP without
> authentication, typical implementations are
> less flexible.  In FreeS/WAN for instance, if
> you ask for ESP you will get ESP+AH.
> 
> ESP without authentication may be vulnerable to
> replay attacks and/or active attacks that tamper
> with the bits in transit.  The degree of vulnerability
> depends on details (type of chaining, higher-level
> properties of payload, ...).

There's some discussion and links in the FreeS/WAN
docs:
http://www.freeswan.org/freeswan_trees/freeswan-2.00/doc/ipsec.html#encnoauth
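Added example to make the quoted point concrete (editorial code, not part of Sandy Harris's message and not FreeS/WAN or any real IPsec stack): a toy ESP receiver with and without an authenticator. The ICV is HMAC-SHA1-96 as ESP specifies; the cipher is a stand-in keystream built from HMAC-SHA256 (an assumption so it runs on the standard library), and the keys and payload are constructed. It shows that without the ICV a bit altered in transit is silently accepted, while with the ICV both tampering and a replayed packet are rejected.

```python
import hashlib, hmac, struct

ICV_LEN = 12  # ESP's standard authenticator, HMAC-SHA1-96, is truncated to 96 bits (RFC 2404)

def keystream(key, seq, n):
    # Toy keystream (HMAC-SHA256 in counter mode) standing in for the real ESP cipher (assumed).
    blocks = (hmac.new(key, struct.pack(">II", seq, i), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def esp_build(enc_key, auth_key, spi, seq, payload):
    # ESP packet: SPI | sequence number | encrypted payload [| ICV]; auth_key=None means no ICV.
    body = struct.pack(">II", spi, seq) + xor(payload, keystream(enc_key, seq, len(payload)))
    if auth_key is None:
        return body
    return body + hmac.new(auth_key, body, hashlib.sha1).digest()[:ICV_LEN]

class EspReceiver:
    def __init__(self, enc_key, auth_key, window=64):
        self.enc_key, self.auth_key, self.window = enc_key, auth_key, window
        self.highest, self.seen = 0, set()

    def receive(self, pkt):
        # Returns the decrypted payload, or None when the packet is rejected.
        body = pkt
        if self.auth_key is not None:
            body, icv = pkt[:-ICV_LEN], pkt[-ICV_LEN:]
            expected = hmac.new(self.auth_key, body, hashlib.sha1).digest()[:ICV_LEN]
            if not hmac.compare_digest(icv, expected):
                return None  # ICV mismatch: the bits were altered in transit
        seq = struct.unpack(">II", body[:8])[1]
        # Sliding anti-replay window (simplified); meaningful only if the ICV covers the sequence number.
        if seq <= self.highest - self.window or seq in self.seen:
            return None  # duplicate or too old: treated as a replay
        self.highest = max(self.highest, seq)
        self.seen.add(seq)
        return xor(body[8:], keystream(self.enc_key, seq, len(body) - 8))

def demo():
    enc_key, auth_key, payload = b"enc-key (constructed)", b"auth-key (constructed)", b"hello, world"
    flip = lambda p: p[:8] + bytes([p[8] ^ 0x01]) + p[9:]  # alter one ciphertext bit "in transit"
    # Without authentication the flipped bit lands in the plaintext and the packet is still accepted.
    bare = EspReceiver(enc_key, None).receive(flip(esp_build(enc_key, None, 0x100, 1, payload)))
    # With authentication the same flip fails the ICV, and delivering a packet twice is dropped.
    rx, good = EspReceiver(enc_key, auth_key), esp_build(enc_key, auth_key, 0x100, 1, payload)
    return {"noauth": bare, "auth_tampered": rx.receive(flip(good)),
            "auth_first": rx.receive(good), "auth_replay": rx.receive(good)}
```

Running `demo()` returns the corrupted-but-accepted payload for the unauthenticated case and `None` for the tampered and replayed authenticated packets.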

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
