[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(usagi-users 01953) Re: IPsec - automatic key distribution - basic question

To: usagi-users@xxxxxxxxxxxxxx
Subject: (usagi-users 01953) Re: IPsec - automatic key distribution - basic question
From: Kazunori Miyazawa <miyazawa@xxxxxxxxxxxxxxxxx>
Date: Wed, 13 Nov 2002 00:49:15 +0900
Cc: alanboerik99@xxxxxxxxxxx
In-reply-to: <F31tcZX4xu3f4AUVSME000094af@hotmail.com>
References: <F31tcZX4xu3f4AUVSME000094af@hotmail.com>
Reply-to: usagi-users@xxxxxxxxxxxxxx

Hello,

On Tue, 12 Nov 2002 12:58:20 +0000
"Alan Boerik" <alanboerik99@xxxxxxxxxxx> wrote:

> 
> Hello,
> I'm trying to use IPsec, there are some basic things I don't understand 
> about key distribution.
> In the case of preshared keys using automatic keys, can a malicious get the 
> secret listening to udp port?
> And in the case of RSA how keys distribution works?
> Thank you very much for your help
> Alan Boerik
> 
> 

The key is never send on wire with using pre-shared key to authentication, 
a malicious can not get the key directory.

IKE authenticate the other with hashed id.

Please refer to RFC2409.

Thank you,

--Kazunori Miyazawa(YOKOGAWA Electric Corporation)

References:
- (usagi-users 01952) IPsec - automatic key distribution - basic question
  - From: Alan Boerik

Prev by Date: (usagi-users 01952) IPsec - automatic key distribution - basic question
Next by Date: (usagi-users 01954) info about IPsec
Previous by thread: (usagi-users 01952) IPsec - automatic key distribution - basic question
Next by thread: (usagi-users 01954) info about IPsec
Index(es):
- Date
- Thread