论文信息 - Initialization vector attacks on the IPsec protocol suite

Initialization vector attacks on the IPsec protocol suite

In this paper, we analyze the security of IPsec against a class of attacks known as the IV attacks, which are based on modifying the initialization vector (IV) of a CBC-encrypted packet during transmission. We show that IV attacks can be a serious threat for IPsec if IPsec is not used carefully. We also discuss the defense methods against these attacks.

[1] Hugo Krawczyk,et al. A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[2] Stephen T. Kent,et al. Security Mechanisms in High-Level Network Protocols , 1983, CSUR.

[3] Stephen T. Kent,et al. Security Architecture for the Internet Protocol , 1998, RFC.

[4] Steven M. Bellovin,et al. Problem Areas for the IP Security Protocols , 1996, USENIX Security Symposium.

[5] Steven M. Bellovin,et al. Probable plaintext cryptanalysis of the IP security protocols , 1997, Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security.

[6] Randall J. Atkinson,et al. IP Encapsulating Security Payload (ESP) , 1995, RFC.

[7] Douglas E. Comer,et al. Internetworking with TCP/IP - Principles, Protocols, and Architectures, Fourth Edition , 1988 .