Attacking the IPsec Standards in Encryption-only Configurations

2007 IEEE Symposium on Security and Privacy (SP '07) Pub Date : 2007-05-20 DOI:10.1109/SP.2007.8

Jean Paul Degabriele, K. Paterson

引用次数: 73

Abstract

We describe new attacks which break any RFC- compliant implementation of IPsec making use of encryption-only ESP in tunnel mode. The new attacks are both efficient and realistic: they are ciphertext-only and need only the capability to eavesdrop on ESP-encrypted traffic and to inject traffic into the network. We report on our experiences in applying the attacks to a variety of implementations of IPsec.

查看原文本刊更多论文

攻击纯加密配置下的IPsec标准

我们描述了在隧道模式下使用纯加密ESP来破坏任何符合RFC的IPsec实现的新攻击。新的攻击既有效又现实:它们是纯密文的，只需要窃听esp加密的流量并将流量注入网络的能力。我们报告了将攻击应用于各种IPsec实现的经验。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2007 IEEE Symposium on Security and Privacy (SP '07)

自引率

0.00%

发文量