Christopher Patton <[email protected]> wrote:
> So consider what happens if both peers support the extension and the
> attacker rewrites the initiator IKE_INIT_SA to drop the
> notification. The responder will notify anyway (2.), which will prompt
> the initiator to sign the entire IKE_INIT_SA exchange (3.). The
> responder, however, expects the initiator to sign a different string,
> since it did not see a notification from the client. This will cause
> the IKE_AUTH exchange to fail, which is how we detect the attack.
What prevents the on-path active attacker from removing the responder's Notify?

--
Michael Richardson <[email protected]>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide
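The following is an added model of the check Patton describes, written for this thread and not code from either poster or from any IKEv2 implementation. It encodes only the two rules quoted above (a supporting responder notifies regardless of what it saw, and a side that saw the peer's notification signs the whole IKE_SA_INIT exchange as it saw it, otherwise a legacy string). An HMAC over a constructed shared key stands in for the real AUTH payload, the payload names are simplified, and the notification name `N(EXT_SUPPORTED)` is hypothetical, not a registered IKEv2 Notify type.

```python
import hmac
import hashlib

# Hypothetical notification name used only by this model (not a real Notify type).
NOTIFY = "N(EXT_SUPPORTED)"

# Constructed shared secret; HMAC stands in for the real AUTH computation.
SHARED_KEY = b"constructed-demo-key"


def ike_sa_init_request(supports_ext):
    """Initiator's IKE_SA_INIT request (the thread writes IKE_INIT_SA)."""
    payloads = ["SAi1", "KEi", "Ni"]
    if supports_ext:
        payloads.append(NOTIFY)
    return payloads


def ike_sa_init_response(supports_ext):
    """Rule (2.) from the thread: a supporting responder notifies
    regardless of what the initiator's request carried."""
    payloads = ["SAr1", "KEr", "Nr"]
    if supports_ext:
        payloads.append(NOTIFY)
    return payloads


def signed_string(request_view, response_view, peer_notified):
    """Rule (3.): if the peer's message carried the notification, sign the
    whole exchange as this side saw it; otherwise sign only the legacy
    string (modelled here as just the two nonces)."""
    if peer_notified:
        return "FULL|" + "|".join(request_view + response_view)
    return "LEGACY|Ni|Nr"


def auth(data):
    """Toy AUTH payload: HMAC-SHA256 over the chosen string."""
    return hmac.new(SHARED_KEY, data.encode(), hashlib.sha256).hexdigest()


def run_exchange(init_supports, resp_supports,
                 strip_request=False, strip_response=False):
    """Returns (auth_ok, extension_in_use).

    strip_request / strip_response model an on-path attacker deleting the
    notification from the request or the response respectively."""
    req_sent = ike_sa_init_request(init_supports)
    req_seen = [p for p in req_sent if not (strip_request and p == NOTIFY)]
    resp_sent = ike_sa_init_response(resp_supports)
    resp_seen = [p for p in resp_sent if not (strip_response and p == NOTIFY)]

    # Initiator signs over its own request and the response it received.
    i_notified = init_supports and NOTIFY in resp_seen
    auth_i = auth(signed_string(req_sent, resp_seen, i_notified))

    # Responder recomputes over the request it received and its own response.
    r_notified = resp_supports and NOTIFY in req_seen
    expected = auth(signed_string(req_seen, resp_sent, r_notified))

    ok = hmac.compare_digest(auth_i, expected)
    return ok, ok and i_notified and r_notified


if __name__ == "__main__":
    print("no attacker:          ", run_exchange(True, True))
    print("request notify gone:  ", run_exchange(True, True, strip_request=True))
    print("response notify gone: ", run_exchange(True, True, strip_response=True))
    print("both notifies gone:   ", run_exchange(True, True, True, True))
    print("responder is legacy:  ", run_exchange(True, False))
```

With both peers supporting the extension and no interference, the model negotiates the extension. Removing the notification from either direction alone makes the two sides pick different strings, so the AUTH comparison fails, which is the detection Patton describes. Removing it from both directions leaves both sides computing the legacy string in this model, and AUTH succeeds with the extension unused; that is precisely the case Richardson's question asks about, and whatever the extension specifies beyond the two quoted rules to cover it is not on this page.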
_______________________________________________
IPsec mailing list -- [email protected]
To unsubscribe send an email to [email protected]
