[vpn] Clarification on key-negotiation and security of ipsec
Eirik Schwenke
schwenke-vpn-list at orakel.ntnu.no
Mon Jul 15 10:22:59 EDT 2002
Hi,
does anyone know how knowledge of preshared secrets
and/or knowledge of private keys using certificate-
based authentication affects the security of
ipsec ?
That is: if an attacker knows the pre-shared secret/ or
the private key of _one_ of the parties negotiating a
vpn-connection, and is able to listen to the traffic --
will that attacker be able to calculate the session-keys
used for encryption ?
It is my understanding that a passive attacker would _not_
be able to calculate the session keys, and listen to the
encrypted traffic -- is this correct ?
--
Eirik Schwenke
"Eat right, exercise regularly, die anyway."
VPN is sponsored by SecurityFocus.com
More information about the VPN
mailing list