Cryptography in Theory and Practice: The Case of Encryption in IPsec

Capítulo de livro Acesso aberto Revisado por pares

Cryptography in Theory and Practice: The Case of Encryption in IPsec

2006; Springer Science+Business Media; Linguagem: Inglês

10.1007/11761679_2

ISSN

1611-3349

Autores

Kenneth G. Paterson, Arnold K. L. Yau,

Tópico(s)

Advanced Malware Detection Techniques

Resumo

Despite well-known results in theoretical cryptography highlighting the vulnerabilities of unauthenticated encryption, the IPsec standards mandate its support. We present evidence that such "encryption-only" configurations are in fact still often selected by users of IPsec in practice, even with strong warnings advising against this in the IPsec standards. We then describe a variety of attacks against such configurations and report on their successful implementation in the case of the Linux kernel implementation of IPsec. Our attacks are realistic in their requirements, highly efficient, and recover the complete contents of IPsec-protected datagrams. Our attacks still apply when integrity protection is provided by a higher layer protocol, and in some cases even when it is supplied by IPsec itself.

Ver no editor

Altmetric

PlumX

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

Cryptography in Theory and Practice: The Case of Encryption in IPsec