Presented by Jason A Donenfeld FOSDEM 2017
14.02.2017 Views
Share Embed Flag

Presented by Jason A Donenfeld FOSDEM 2017

2kVT3mc

2kVT3mc

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
xkr47

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Cookies: DTLS-like and IKEv2-like<br />

▪<br />

▪<br />

▪<br />

▪<br />

▪<br />

▪<br />

Dialog:<br />

▪ Initiator: Compute this DH().<br />

▪ Responder: Your magic word is “cbdd7c…bb71d9c0”. Ask me again with the magic word.<br />

▪ Initiator: My magic word is “cbdd7c…bb71d9c0”. Compute this DH().<br />

“cbdd7c…bb71d9c0” == MAC(key=responder_secret, initator_ip_address)<br />

Where responder_secret changes every few minutes.<br />

Proves IP ownership without storing state.<br />

Always responds to message.<br />

▪ Violates security design principle, stealth!<br />

Magic word can be intercepted.<br />

Initiator can be DoS’d <strong>by</strong> flooding it with fake magic words.

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!