[Openswan dev] Re: [Openswan Users] Xauth Client extensions

Henrik Nordstrom hno at marasystems.com
Wed Apr 7 18:55:31 CEST 2004


On Wed, 7 Apr 2004 mcr at xelerance.com wrote:

> supported, but not tested in a structured way. By this, I mean that
> there is no test case for the code. That means that they may break with
> no notice. 

This I buy.

> Henrik> Aren't similar limits needed on main mode negotiations? Both
> Henrik> need the same amount of DH calculations don't they? I admit
> Henrik> it was long since I worked on aggressive mode, but I do not
> Henrik> recall aggressive mode being different in this regard..
> 
>   Do you remember the TCP SYN spoofing attacks? 

Yes.

But the attacker does however need to guess (or sniff) a valid identity
payload to be able to exploit this.

Aggressive mode: Protected by identity payload (non-encrypted shared
secret)

Main mode: Protected by three way handshake.

Both are alone rather weak wrt entropy protection and both are quite
trivial to apply limitations to, even more so in case of aggressive mode
as the identity information is more expressive allowing a scheme to be
devised with reasonable protection even from DDoS type attacks.

Regards
Henrik


