Hi Sandesh, strongSwan is not vulnerable to the Bleichenbacher oracle attack since we did not implement the RSA encryption authentication variant for IKEv1.
Best regards Andreas On 31.08.2018 10:53, Sandesh Sawant wrote: > Hi all, > > I came across below news about a paper enlisting attacks pertaining to > IKE protocol, and want to know whether the latest version of trongSwan > stack is vulnerable to the attacks mentioned in this > paper: > https://www.ei.rub.de/media/nds/veroeffentlichungen/2018/08/13/sec18-felsch.pdf > References: > https://latesthackingnews.com/2018/08/20/ipsec-vpn-connections-broken-using-20-year-old-flaw/ > https://securityaffairs.co/wordpress/75352/hacking/key-reuse-ipsec-attack.html > > Thanks, > Sandesh ====================================================================== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[INS-HSR]==
