On Sat, Feb 2, 2019, 12:46 PM Gary E. Miller via devel <devel@ntpsec.org wrote:
> Yo Hal! > > On Sat, 02 Feb 2019 12:36:10 -0800 > Hal Murray via devel <devel@ntpsec.org> wrote: > > > But there is another pair of keys: C2S and S2C. They are used to > > authenticate and encrypt traffic between client and server. There is > > no explicit mechanism to roll them over - nor is there a need for one. > > Really? So unlimmited numbers of packets with identical C2S, S2S > and master key, differing only int ehnonce is not a problem? > > Pretty much every crypto algorithm I know of has a recommended > maximum number of uses. Allowing these two to be used unlimited times > is violating absic crypto principles goint back to well before how > Enigma, and other ciphers, were broken. > > > But if no packets are lost, C2S and S2C will be used forever. > > Yeah, bad. What you almost need is a cookie extension to trigger a rekeying periodically. You might want to look at the 2nd? Commit of mr 902 and then point and laugh. > >
_______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
