ramaswamy writes:

> Thanks for the response, I agree with your comments. I think we can use
> certificates to avoid man-in-the-middle attacks and error message flooding
> in the INIT phase only; as certificates are signed by trusted certificate
> authorities, authenticity is ensured.
>
> If certificates are used in INIT message exchanges [mutual authentication],
> we can effectively avoid the aforesaid attacks, as it avoids the huge
> computation of IKE keys before the client or server is authenticated.

RSA operations are already a huge computation. There is no big difference
whether you do RSA or Diffie-Hellman.

> To avoid replay attacks:
> By using the RSA private key of the certificate to encrypt the nonce (Ni) in
> the INIT_REQUEST message we can avoid replay attacks. At the receiving end,
> first the certificate is verified using the root CA and the nonce is
> decrypted using the public key of the received certificate, which ensures
> that the sender holds the valid private key of the certificate and not an
> attacker. By using the nonce we can avoid replay attacks [packets can be
> rejected if the same nonce is received within a particular session].

So you plan to store that nonce forever, and always verify that the nonce
has not been used before? That would be an extremely expensive way to solve
the replay attack.
-- 
[email protected]
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
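The reply's objection is about state: "reject a nonce if it was seen before" only works if the responder remembers every nonce it has ever accepted, and that memory grows without bound. The following Python is an added illustration, not code from this thread or from any IKE implementation, of the trade-off a bounded replay cache makes: nonces are remembered only per session and only for a fixed window (the `window_seconds` and `max_entries` parameters, the `NonceCache` class and the fake clock are all assumptions of this example). Inside the window a repeated nonce is rejected; once the window has passed, the same nonce is accepted again, which is exactly the hole an unbounded store would have to pay for to close.

```python
"""Bounded replay cache (added example, stdlib only).

Remembers (session_id, nonce) pairs for a limited time and a limited
count, so memory stays bounded at the cost of accepting a nonce again
once it has been forgotten.
"""
import time
from collections import OrderedDict


class NonceCache:
    def __init__(self, window_seconds, max_entries, now=time.monotonic):
        # Assumed parameters: how long a nonce is remembered and the
        # maximum number of nonces held at once.
        self.window = window_seconds
        self.max_entries = max_entries
        self._now = now
        # Insertion-ordered so the oldest entry is always at the front.
        self._seen = OrderedDict()  # (session_id, nonce) -> first_seen

    def _expire(self, now):
        """Drop entries whose window has elapsed (oldest first)."""
        while self._seen:
            key, first_seen = next(iter(self._seen.items()))
            if now - first_seen < self.window:
                break
            self._seen.popitem(last=False)

    def check_and_record(self, session_id, nonce):
        """Return True if the nonce is fresh for this session (and record
        it); return False if it is a replay within the window."""
        now = self._now()
        self._expire(now)
        key = (session_id, bytes(nonce))
        if key in self._seen:
            return False
        if len(self._seen) >= self.max_entries:
            # Hard memory bound: evict the oldest nonce even though its
            # window has not expired. Replay protection weakens here.
            self._seen.popitem(last=False)
        self._seen[key] = now
        return True

    def __len__(self):
        return len(self._seen)


class FakeClock:
    """Constructed clock so the demo is deterministic and runs offline."""

    def __init__(self):
        self.t = 0.0

    def __call__(self):
        return self.t

    def advance(self, seconds):
        self.t += seconds


def demo():
    """Walk through fresh, replayed, cross-session and expired nonces."""
    clock = FakeClock()
    cache = NonceCache(window_seconds=30.0, max_entries=1000, now=clock)
    nonce = b"\x01" * 8  # constructed sample nonce
    results = {}
    results["first"] = cache.check_and_record("sess-1", nonce)          # True
    results["replay"] = cache.check_and_record("sess-1", nonce)         # False
    results["other_session"] = cache.check_and_record("sess-2", nonce)  # True
    clock.advance(31.0)  # past the window: sess-1's nonce is forgotten
    results["after_window"] = cache.check_and_record("sess-1", nonce)   # True
    results["entries"] = len(cache)                                     # 1
    return results


def bounded_growth(n_nonces, max_entries):
    """Insert n_nonces distinct nonces and return how many are retained;
    an unbounded store would retain all n_nonces."""
    cache = NonceCache(window_seconds=3600.0, max_entries=max_entries,
                       now=FakeClock())
    for i in range(n_nonces):
        cache.check_and_record("sess-1", i.to_bytes(4, "big"))
    return len(cache)


if __name__ == "__main__":
    print(demo())
    print(bounded_growth(5000, 1000))
```

The point of `bounded_growth` is the one the reply makes: with no window and no cap, retained state equals the number of nonces ever accepted, and the lookup on every packet grows with it; with a cap, the responder stays cheap but can no longer detect a replay of anything it has already evicted.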
