## Cryptology ePrint Archive: Report 2006/370

A DoS Attack Against the Integrity-Less ESP (IPSec)

Ventzislav Nikov

Abstract: This paper describes a new practical DoS attack that can be mounted against the encryption-only'' configuration (i.e. without authenticated integrity) of ESP as allowed by IPSec.

This finding can serve as a strong argument to convince those in charge of the IPSec standardization to improve it by banning the encryption-only'' configuration from the standard.

Category / Keywords: applications / IPSec (ESP) Standard, Denial of Service Attack

Publication Info: An extended version of the paper presented at SECRYPT 2006