Re: Inquiry on replay protection

From: Luis A. Sanchez ([email protected])
Date: Tue Jan 12 1999 - 16:36:28 EST

Next message: M. Scott Corson: "IJSC IPoverSat CFP"
Previous message: Tang Oo: "improve SACK?"
In reply to: Byung-Cheol Shin: "Inquiry on replay protection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Shin,

In IPSec, both the AH [RFC2402] and ESP [RFC2406] protocols
contain an unsigned 32-bit sequence number field. This field is used
to protect against replay attacks. Appendix C of the IPSec
Architecture document [RFC2401] contains reference code that
implements a simple bitmask check on a 32-bit packet window. RFC2085
is no longer applicable in the current IPSec architecture. You can
retrieve these documents from:

http://www.ietf.org/html.charters/ipsec-charter.html

Luis

> Hello:
> I read RFC2085, but I cannot undersrtand how to protect againt replay.
>
> And I don't know how to get [ESP-DES-MD5].
> Would anybody introduce to me some document on the replay protection
> for easy understanding?
> Thanks in advance for the cooperations.
>
> --
> Shin, Byung-Cheol
>
>
>

Next message: M. Scott Corson: "IJSC IPoverSat CFP"
Previous message: Tang Oo: "improve SACK?"
In reply to: Byung-Cheol Shin: "Inquiry on replay protection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Mon Feb 14 2000 - 16:14:52 EST