Re: debugging encrypted part of isakmp

看板FB_security作者時間21年前 (2005/01/15 23:30), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串5/6 (看更多)
on 14.01.2005 17:22 Bruce M Simpson said the following: > On Fri, Jan 14, 2005 at 04:44:19PM +0200, Andriy Gapon wrote: > >>So, I am looking for the easiest way to decrypt isakmp packets using >>both packet data and information like pre-shared keys, certificates etc. > > > There's probably not a lot that you can do here, short of turning on all > the debugging switches you can find for the opaque IKE implementation > you're dealing with; unless the isakmp decoder in tcpdump were modified > to accept keying material. We already do this for AH, ESP, TCP-MD5 but > not IKE itself as that's a non-trivial task. I see. I think it should not be too hard theoretically to write a program that would do such decryption offline, using code from isakmpd or racoon, and playing for both sides to deduce internal state/random values that original parties used. But that's definitely a lot of work. -- Andriy Gapon _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 avg. 的文章
文章代碼(AID): #11wJSl00 (FB_security)
更多 avg. 的文章
文章代碼(AID): #11wJSl00 (FB_security)