Attacking the IPsec standards in encryption-only configurations

Cited by: 23
Authors
Degabriele, Jean Paul [1]
Paterson, Kenneth G. [2]
Affiliations
[1] Hewlett Packard Labs, Filton Rd, Bristol BS34 8QZ, Avon, England
[2] Univ London, Royal Holloway, Informat Secur Grp, Egham, Surrey, England
Source
2007 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS | 2007
Funding
Engineering and Physical Sciences Research Council (UK);
DOI
10.1109/SP.2007.8
Chinese Library Classification number
TP [Automation Technology, Computer Technology];
Discipline classification code
0812;
Abstract
We describe new attacks which break any RFC-compliant implementation of IPsec making use of encryption-only ESP in tunnel mode. The new attacks are both efficient and realistic: they are ciphertext-only and need only the capability to eavesdrop on ESP-encrypted traffic and to inject traffic into the network. We report on our experiences in applying the attacks to a variety of implementations of IPsec.
Pages: 335 / +
Number of pages: 2