The Deviation Attack: A Novel Denial-of-Service Attack Against IKEv2 - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2019

The Deviation Attack: A Novel Denial-of-Service Attack Against IKEv2

Résumé

In previous analyses IKEv2 has been shown to suffer from an authentication vulnerability that was considered not exploitable. By designing and implementing a novel slow Denial-of-Service attack, which we name the Deviation Attack, we show that the vulnerability is actually exploitable. We explain the attack’s requirements, propose possible counter-measures and propose two possible modifications of the protocol, which both overcome the vulnerability.
Fichier principal
Vignette du fichier
trustcomsubmitted.pdf (403.52 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01980276 , version 1 (25-01-2019)
hal-01980276 , version 2 (22-10-2019)

Identifiants

  • HAL Id : hal-01980276 , version 2

Citer

Tristan Ninet, Axel Legay, Romaric Maillard, Louis-Marie Traonouez, Olivier Zendra. The Deviation Attack: A Novel Denial-of-Service Attack Against IKEv2. TrustCom 2019 - 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Aug 2019, Rotorua, New Zealand. pp.1-8. ⟨hal-01980276v2⟩
462 Consultations
1194 Téléchargements

Partager

Gmail Facebook X LinkedIn More