I-D Action: draft-ietf-ospf-security-extension-manual-keying-00.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Open Shortest Path First IGP Working Group of the IETF.

	Title           : Security Extension for OSPFv2 when using Manual Key Management
	Author(s)       : Manav Bhatia
                          Sam Hartman
                          Dacheng Zhang
                          Acee Lindem
	Filename        : draft-ietf-ospf-security-extension-manual-keying-00.txt
	Pages           : 11
	Date            : 2011-05-06

   The current OSPFv2 cryptographic authentication mechanism as defined
   in the OSPF standards is vulnerable to both inter-session and intra-
   session replay attacks when its uses manual keying.  Additionally,
   the existing cryptographic authentication schemes do not cover the IP
   header.  This omission can be exploited to carry out various types of
   attacks.

   This draft proposes changes to the authentication sequence number
   mechanism that will protect OSPFv2 from both inter-session and intra-
   session replay attacks when its using manual keys for securing its
   protocol packets.  Additionally, we also describe some changes in the
   cryptographic hash computation so that we eliminate most attacks that
   result because OSPFv2 does not protect the IP header.


A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ospf-security-extension-manual-keying-00.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-ietf-ospf-security-extension-manual-keying-00.txt
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt


[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux