"ISAKMP" flaws?

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Nov 21 07:13:23 EST 2005


Tero Kivinen <kivinen at iki.fi> writes:

>If I understood correctly the tools they used now did generate specific hand-
>crafted packets having all kinds of weird error cases. When testing with the
>crypto protocols the problem is that you also need to do the actual crypto,
>key exchange etc to be able to test things after the first packet.

The two that I'm aware of (the X.509 cert data generator that found ASN.1
parser faults and the SSH hello-packet generator) both just created vaguely
correct-looking PDUs that contained garbage data, so that a simple firewall
check would reject 99% of the packets before they even got to the real
processing.  The SSH generator only sent the first packet, so it never got
past the first step of the SSH handshake.  I'm not sure what the ISAKMP data
generator did.

Peter.
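
[Added example, not part of the original message: a sketch of the kind of simple pre-processing check described above, applied to ISAKMP. It validates only the fixed header and the generic payload chain, using field values from RFC 2408 and RFC 2409. The function name, the sample datagrams and the decision to reject extension payload types are assumptions made for illustration.]

```python
import struct

HEADER = struct.Struct("!8s8sBBBBII")     # RFC 2408 sec. 3.1 fixed header, 28 bytes
PAYLOAD_TYPES = set(range(1, 14))         # RFC 2408 payload types 1..13 (assumed allow-list)
EXCHANGE_TYPES = {1, 2, 3, 4, 5, 32, 33}  # RFC 2408 exchanges plus IKEv1 Quick/New Group
FLAG_ENCRYPTED, DEFINED_FLAGS = 0x01, 0x07

def check_isakmp(datagram):
    """Return None if the datagram is structurally plausible, else a reason."""
    if len(datagram) < HEADER.size:
        return "shorter than fixed header"
    (icookie, _rcookie, next_payload, version,
     exchange, flags, _msg_id, length) = HEADER.unpack_from(datagram)
    if icookie == bytes(8):
        return "zero initiator cookie"
    if version != 0x10:                   # major 1, minor 0
        return "unsupported version"
    if exchange not in EXCHANGE_TYPES:
        return "unknown exchange type"
    if flags & ~DEFINED_FLAGS:
        return "reserved flag bits set"
    if next_payload not in PAYLOAD_TYPES:
        return "unknown first payload type"
    if length != len(datagram):
        return "length field does not match datagram size"
    if flags & FLAG_ENCRYPTED:
        return None                       # payloads are opaque until decrypted
    # Walk the generic payload headers (next payload, reserved, length).
    offset, current = HEADER.size, next_payload
    while current != 0:
        if offset + 4 > length:
            return "payload header runs past end"
        following, reserved, plen = struct.unpack_from("!BBH", datagram, offset)
        if reserved != 0 or plen < 4 or offset + plen > length:
            return "bad payload header"
        if following != 0 and following not in PAYLOAD_TYPES:
            return "unknown payload type in chain"
        offset, current = offset + plen, following
    return None if offset == length else "trailing bytes after last payload"

def sample(body):
    """Constructed test datagram: valid header followed by the given body."""
    return HEADER.pack(b"\x11" * 8, bytes(8), 1, 0x10, 2, 0, 0,
                       HEADER.size + len(body)) + body

GOOD = sample(struct.pack("!BBH", 0, 0, 12) + bytes(8))  # one well-framed payload
GARBAGE = sample(b"\xff" * 12)                           # plausible header, junk body

if __name__ == "__main__":
    for name, pkt in (("good", GOOD), ("garbage", GARBAGE), ("truncated", GOOD[:20])):
        print(name, "->", check_isakmp(pkt) or "accepted for full parsing")
```

A deployment that uses payload types defined after RFC 2408 would need to widen the allow-list.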


---------------------------------------------------------------------
The Cryptography Mailing List