Thread: Is this behavior of the Reconfigure Key Authentication Protocol correct?

2006-04-04 02:22:49
Hello Mr. Ralph Droms,

Thank you for your reply.

I now understand it correctly.

Best Regards,

On Sat, 1 Apr 2006 09:33:47 +0900
"Ralph Droms" <rdromscisco.com> wrote:

> Re: [dhcwg] [Question]Is this behavior of the Reconfigure Key Authentication Protocol correct?
> 
> Hideshi-san - Your observation is correct: the authentication key for
> reconfiguration assumes that the key cannot be intercepted and used for
> sending malicious Reconfigure messages.
> 
> - Ralph
> 
> 
> On 3/10/06 7:09 AM, "Hideshi Enokihara" <Hideshi.Enokiharajp.yokogawa.com> wrote:
> 
> > Hi all,
> >
> > I have some questions regarding Reconfigure Key Authentication Protocol.
> >
> > Is this behavior (like the following) of the Reconfigure Key Authentication
> > Protocol correct?
> > ---------------------------------
> >
> >        Server  Client
> >         |       |
> >         |       |
> >         | <---- | Solicit
> >         | ----> | Advertise
> >         | <---- | Request with Reconfigure Accept Option
> >         | ----> | Reply with Reconfigure Accept Option
> >         |       |       and Authentication Option (*1)
> >         |       |
> >         |       |
> >         | ----> | Reconfigure with computed Authentication (*2)
> >         | <---- | Renew or Information-Request (*3)
> >         |       |  (depends on Reconfigure message's(*2's) msg-type)
> >         | ----> | Reply (*4)
> >
> > (*1):The server transmits the 128-bit Reconfigure Key
> >      in Authentication option to the client.
> > (*2):The server computes an HMAC-MD5 of the Reconfigure message
> >      using the Reconfigure Key and includes the HMAC-MD5
> >      in the authentication information field in an Authentication option
> >      included in the Reconfigure message sent to the client.
> > (*3):To authenticate a Reconfigure message, the client computes
> >      an HMAC-MD5 over the DHCP Reconfigure message,
> >      using the Reconfigure Key received from the server,
> >      and the client transmits the Renew or Information-Request message
> >      without Authentication option to the Server.
> > (*4):The server transmits the Reply message without Authentication option.
> > ---------------------------------------
> > [Question1]
> > Is this behavior correct?
> >
> >
> > If this behavior is correct, I also have a question in step (*1).
> >
> > [Question2]
> > If a malicious DHCP server intercepts the Reply message(*1),
> > the malicious DHCP server can get Reconfigure Key, I think.
> > Then, the malicious DHCP server can send the Reconfigure message with
> > fallacious information.
> >
> > If this situation happens, I think that the effectiveness of Reconfigure Key
> > Authentication Protocol is lost.
> >
> > What do you think?
> > What is the purpose of Reconfigure Key Authentication Protocol?
> >
> > Best Regards,


-- 
*************************************
Hideshi Enokihara
IPv6 Business
Network & Software Development Dept.
Yokogawa Electric Corporation
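
Added example, not part of the original messages: a Python sketch of steps (*2) and (*3) as specified in RFC 3315, showing the client-side check (scheme parameters, replay counter, HMAC-MD5 over the message with the digest field zeroed). The function names, the sample key and the sample option are constructed for illustration; only the option layout and constants come from the RFC.

```python
import hashlib
import hmac
import struct

OPTION_AUTH = 11      # Authentication option code (RFC 3315)
RECONFIGURE = 10      # Reconfigure message type (RFC 3315)
RKAP = (3, 1, 0)      # protocol 3, algorithm 1 (HMAC-MD5), RDM 0 (counter)
# Constructed sample option: Reconfigure Message option (19) asking for a Renew (5).
RECONF_RENEW = struct.pack("!HHB", 19, 1, 5)

def build_reconfigure(key, replay, other_opts=RECONF_RENEW):
    """Server side, step (*2): append an auth option carrying the HMAC-MD5."""
    body = struct.pack("!BBBQB", *RKAP, replay, 2) + bytes(16)  # type 2 = digest
    auth = struct.pack("!HH", OPTION_AUTH, len(body)) + body
    msg = bytearray(bytes([RECONFIGURE, 0, 0, 0]) + other_opts + auth)
    msg[-16:] = hmac.new(key, bytes(msg), hashlib.md5).digest()
    return bytes(msg)

def verify_reconfigure(msg, key, last_replay):
    """Client side, step (*3): return the accepted replay value, else None."""
    if len(msg) < 4 or msg[0] != RECONFIGURE:
        return None
    pos = 4
    while pos + 4 <= len(msg):
        code, length = struct.unpack_from("!HH", msg, pos)
        start, end = pos + 4, pos + 4 + length
        if end > len(msg):
            return None                       # truncated option
        if code == OPTION_AUTH:
            if length != 28:
                return None                   # 11 fixed bytes + type + 16-byte digest
            *params, replay, kind = struct.unpack_from("!BBBQB", msg, start)
            if tuple(params) != RKAP or kind != 2 or replay <= last_replay:
                return None                   # wrong scheme, or replayed message
            # The digest covers the whole message with the digest field zeroed.
            zeroed = msg[:end - 16] + bytes(16) + msg[end:]
            expected = hmac.new(key, zeroed, hashlib.md5).digest()
            ok = hmac.compare_digest(expected, msg[end - 16:end])
            return replay if ok else None
        pos = end
    return None                               # no Authentication option: discard
```

A successful check shows only that the sender holds the key delivered in the Reply of step (*1), which is why the scheme depends on that Reply not being intercepted.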
