Paper 2006/370

A DoS Attack Against the Integrity-Less ESP (IPSec)

Ventzislav Nikov

Abstract

This paper describes a new practical DoS attack that can be mounted against the ``encryption-only'' configuration (i.e. without authenticated integrity) of ESP as allowed by IPSec. This finding can serve as a strong argument to convince those in charge of the IPSec standardization to improve it by banning the ``encryption-only'' configuration from the standard.

Metadata
Available format(s)
PDF PS
Category
Applications
Publication info
Published elsewhere. An extended version of the paper presented at SECRYPT 2006
Keywords
IPSec (ESP) StandardDenial of Service Attack
Contact author(s)
venci nikov @ gmail com
History
2006-11-03: received
Short URL
https://ia.cr/2006/370
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2006/370,
      author = {Ventzislav Nikov},
      title = {A {DoS} Attack Against the Integrity-Less {ESP} ({IPSec})},
      howpublished = {Cryptology {ePrint} Archive, Paper 2006/370},
      year = {2006},
      url = {https://eprint.iacr.org/2006/370}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.