Abstract
Despite well-known results in theoretical cryptography high-lighting the vulnerabilities of unauthenticated encryption, the IPsec standards mandate its support. We present evidence that such "encryption-only" configurations are in fact still often selected by users of IPsec in practice, even with strong warnings advising against this in the IPsec standards. We then describe a variety of attacks against such configurations and report on their successful implementation in the case of the Linux kernel implementation of IPsec. Our attacks are realistic in their requirements, highly efficient, and recover the complete contents of IPsec-protected datagrams. Our attacks still apply when integrity protection is provided by a higher layer protocol, and in some cases even when it is supplied by IPsec itself. © International Association for Cryptologic Research 2006.
Author supplied keywords
Cite
CITATION STYLE
Paterson, K. G., & Yau, A. K. L. (2006). Cryptography in theory and practice: The case of encryption in IPsec. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4004 LNCS, pp. 12–29). Springer Verlag. https://doi.org/10.1007/11761679_2
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
