> On 15 Jan 2016, at 10:32 PM, Valery Smyslov <[email protected]> wrote:
>
>>> What about the responder - he doesn't see any cookie in this attack - the
>>> attacker sends the crafted cookie only to the initiator and sends a crafted
>>> IKE_SA_INIT message w/o cookie to the responder (as far as I understand the
>>> attack).
>>
>> There is a cookie. See Figure 12 in Paul’s blog post:
>> https://securityblog.redhat.com/2016/01/13/the-sloth-attack-and-ikeipsec/
>
> Ah, you are right. I missed that in a quick read.
>
> After second read it seems to me that there is one more obstacle to that
> attack in real world.
> It seems that attacker appends original initiator's SAi, KEi, Ni payloads to its
> message sent to responder (as info`). So, this message would contain two SA
> payloads, two KE payloads etc. I believe the responder must return INVALID_SYNTAX in
> this case.
IIUC there are no two SA payloads and two KE payloads. All of those are part of the “cookie” sent to the real Responder. That is why it’s so large.

_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
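The responder-side checks the two messages above argue about, as an added example written here (not code from the thread or from any IKE implementation): a small Python parser walks a constructed IKE_SA_INIT payload chain, flags duplicate top-level SA/KE/Ni payloads (the INVALID_SYNTAX case), and shows that the same payload bytes carried inside a COOKIE notify are not duplicates at the top level at all, leaving only the cookie length as the visible anomaly. Payload and notify type numbers are the RFC 7296 values; the 64-byte cookie threshold is an assumed local policy, not something the thread states.

```python
import struct
from collections import Counter
# IKEv2 payload type numbers and the COOKIE notify type from RFC 7296
SA, KE, NONCE, NOTIFY = 33, 34, 40, 41
NOTIFY_COOKIE = 16390
IKE_HEADER_LEN = 28

def payload(next_type, body):
    # generic payload header: next payload type, critical/reserved byte, total length
    return struct.pack("!BBH", next_type, 0, 4 + len(body)) + body

def cookie_notify(cookie):
    # Notify payload: protocol ID 0, SPI size 0, type COOKIE, then the cookie data
    return (NOTIFY, struct.pack("!BBH", 0, 0, NOTIFY_COOKIE) + cookie)

def ike_sa_init(payloads):
    # chain (type, body) pairs and prepend a minimal IKE header (v2.0, IKE_SA_INIT, initiator flag)
    chain = b"".join(payload(payloads[i + 1][0] if i + 1 < len(payloads) else 0, body)
                     for i, (_, body) in enumerate(payloads))
    hdr = struct.pack("!8s8sBBBBII", b"\0" * 8, b"\0" * 8, payloads[0][0],
                      0x20, 34, 0x08, 0, IKE_HEADER_LEN + len(chain))
    return hdr + chain

def iter_payloads(msg):
    # walk the top-level payload chain, yielding (type, body); refuse truncated payloads
    ptype, off = msg[16], IKE_HEADER_LEN
    while ptype != 0:
        nxt, _, plen = struct.unpack("!BBH", msg[off:off + 4])
        if plen < 4 or off + plen > len(msg):
            raise ValueError("truncated payload")
        yield ptype, msg[off + 4:off + plen]
        ptype, off = nxt, off + plen

def check_ike_sa_init(msg, max_cookie=64):
    """Responder-side checks discussed in the thread, as a list of findings: duplicate
    top-level SA/KE/Ni payloads -> INVALID_SYNTAX; payloads inside a COOKIE notify
    are not duplicates, so only the cookie length (assumed policy cap) stands out."""
    findings, counts = [], Counter()
    for ptype, body in iter_payloads(msg):
        if ptype in (SA, KE, NONCE):
            counts[ptype] += 1
        elif ptype == NOTIFY:
            _, spi_size, ntype = struct.unpack("!BBH", body[:4])
            data = body[4 + spi_size:]
            if ntype == NOTIFY_COOKIE and len(data) > max_cookie:
                findings.append("oversized cookie: %d bytes" % len(data))
    if any(n > 1 for n in counts.values()):
        findings.append("INVALID_SYNTAX: duplicate SA/KE/Ni payloads")
    return findings
```

Feeding it a constructed chain with SA/KE/Ni twice yields the INVALID_SYNTAX finding, while the same three payloads serialized into a COOKIE notify pass the duplicate check and only trip the length threshold.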
