Attacking the IPsec Standards in Encryption-only Configurations
- 1 May 2007
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- No. 10816011,p. 335-349
- https://doi.org/10.1109/sp.2007.8
Abstract
We describe new attacks which break any RFC- compliant implementation of IPsec making use of encryption-only ESP in tunnel mode. The new attacks are both efficient and realistic: they are ciphertext-only and need only the capability to eavesdrop on ESP-encrypted traffic and to inject traffic into the network. We report on our experiences in applying the attacks to a variety of implementations of IPsec.Keywords
This publication has 8 references indexed in Scilit:
- Lost in translation: theory and practice in cryptographyIEEE Security & Privacy, 2006
- IP Encapsulating Security Payload (ESP)Published by RFC Editor ,2005
- Breaking and provably repairing the SSH authenticated encryption schemeACM Transactions on Information and System Security, 2004
- Intercepting mobile communicationsPublished by Association for Computing Machinery (ACM) ,2001
- IP Encapsulating Security Payload (ESP)Published by RFC Editor ,1998
- Security Architecture for the Internet ProtocolPublished by RFC Editor ,1998
- Requirements for IP Version 4 RoutersPublished by RFC Editor ,1995
- Internet Control Message ProtocolPublished by RFC Editor ,1981