[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Small subgroups and ISAKMP/Oakley

To: IP Security List <ipsec@xxxxxxx>
Subject: Re: Small subgroups and ISAKMP/Oakley
From: Lewis McCarthy <lmccarth@xxxxxxxxxxxx>
Date: Wed, 16 Apr 1997 21:52:41 -0400
Organization: Theoretical Computer Science Group, UMass-Amherst, <http://www.cs.umass.edu/~thtml/>
References: <>
Sender: owner-ipsec@xxxxxxxxxx

John Kennedy writes:
> During X9.42 development discussion it was not necessarily a 
> man-in-the-middle that was feared with regards to the small sub-group 
> attack.  Conceivably, one of the communicating parties could send a 
> "bad" public number on purpose.  Is this a realistic scenario?  

One of the legitimate parties might be a broken implementation that
doesn't correctly check whether it has computed a public exponential 
that lies in the small subgroup. 

-Lewis

References:
- Small subgroups and ISAKMP/Oakley
  - From: John Kennedy

Prev by Date: Re: Small subgroups and ISAKMP/Oakley
Next by Date: notes from developer's portion of IETF meeting
Previous by thread: Small subgroups and ISAKMP/Oakley
Next by thread: Re: Small subgroups and ISAKMP/Oakley
Index(es):
- Date
- Thread