A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Open Shortest Path First IGP Working Group of
the IETF.
Title     : Security Extension for OSPFv2 when using Manual Key Management
Author(s) : Manav Bhatia
            Sam Hartman
            Dacheng Zhang
            Acee Lindem
Filename  : draft-ietf-ospf-security-extension-manual-keying-05.txt
Pages     : 13
Date      : 2013-05-27
Abstract:
The current OSPFv2 cryptographic authentication mechanism as defined
in the OSPF standards is vulnerable to both inter-session and
intra-session replay attacks when it uses manual keying. Additionally,
the existing cryptographic authentication schemes do not cover the IP
header. This omission can be exploited to carry out various types of
attacks.
This draft proposes changes to the authentication sequence number
mechanism that will protect OSPFv2 from both inter-session and
intra-session replay attacks when it is using manual keys for securing its
protocol packets. Additionally, we also describe some changes in the
cryptographic hash computation so that we eliminate most attacks that
result because OSPFv2 does not protect the IP header.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-ospf-security-extension-manual-keying
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-ospf-security-extension-manual-keying-05
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-ospf-security-extension-manual-keying-05
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/