Hi Sandesh,
strongSwan is not vulnerable to the Bleichenbacher oracle attack
since we did not implement the RSA encryption authentication variant
for IKEv1.
Best regards
Andreas
On 31.08.2018 10:53, Sandesh Sawant wrote:
> Hi all,
>
> I came across below news about a paper enlisting attacks
Hi all,
I came across below news about a paper enlisting attacks pertaining to IKE
protocol, and want to know whether the latest version of trongSwan stack is
vulnerable to the attacks mentioned in this paper:
https://www.ei.rub.de/media/nds/veroeffentlichungen/2018/08/13/sec18-felsch.pdf