
Cookies in IKE

How are cookies used to prevent problems in Internet Key Exchange (IKE)? Also, why are they called cookies, and how are they similar or different to cookies used by Web sites to keep track of visitors?

In IPsec, the Internet Key Exchange (IKE) uses cookies to prevent clogging attacks, in which a user requests a large number of keys and forces the system to spend so many resources computing them that it cannot perform its actual tasks effectively. The cookie exchange in IKE requires each side to send a pseudorandom number (the cookie) in its initial message, which the other side then acknowledges. The cookie exchange has to be repeated in the first message of the Diffie-Hellman key exchange. If the source address of the dialogue was forged, the unauthorized user (attacker) never receives an answer; as a result, an attacker can only compel a user to generate acknowledgments, not to perform the Diffie-Hellman calculation (Stallings, 2017).

IKE requires cookie creation to meet three guidelines. First, the cookie must depend on the specific parties; this prevents an unauthorized user from obtaining a cookie using an authorized IP address and UDP port and then using it to swamp the victim with requests from random IP addresses or ports. Second, unauthorized users must not be able to produce cookies that the issuing entity will accept: the issuing entity uses local secret information in both the creation and the verification of a cookie, and it must not be possible to deduce this data. In essence, copies of cookies are not stored, which reduces their vulnerability, yet they can still be verified. Finally, cookie generation and verification must be fast, to prevent attacks aimed at exhausting a system’s resources. Per the text, the recommended best practice for cookie creation is a fast hash over the IP source and destination addresses, the UDP source and destination ports, and a locally generated secret value (Stallings, 2017).
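The three guidelines above can be seen working together in a short sketch. This is an added example, not code from Stallings or from any IKE implementation; it assumes HMAC-SHA-256 as the keyed fast hash, an 8-byte cookie, and constructed sample addresses, and the function names are hypothetical.

```python
import hashlib
import hmac
import ipaddress
import secrets
import struct

COOKIE_LEN = 8  # assumption: 8-byte cookie, the size of an ISAKMP cookie field


def _endpoint_bytes(src_ip, dst_ip, src_port, dst_port):
    """Fixed-width encoding of the address/port 4-tuple, so fields cannot blur together."""
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    return (bytes([src.version]) + src.packed + dst.packed
            + struct.pack("!HH", src_port, dst_port))


def make_cookie(secret, src_ip, dst_ip, src_port, dst_port):
    """Derive the cookie from the parties and the local secret; nothing is stored."""
    data = _endpoint_bytes(src_ip, dst_ip, src_port, dst_port)
    return hmac.new(secret, data, hashlib.sha256).digest()[:COOKIE_LEN]


def verify_cookie(secret, cookie, src_ip, dst_ip, src_port, dst_port):
    """Recompute the cookie for the packet's actual endpoints; compare in constant time."""
    expected = make_cookie(secret, src_ip, dst_ip, src_port, dst_port)
    return hmac.compare_digest(expected, cookie)


def demo():
    secret = secrets.token_bytes(32)  # local secret, never sent on the wire
    # Constructed sample endpoints (documentation address ranges).
    a, b = "198.51.100.7", "203.0.113.1"
    cookie = make_cookie(secret, a, b, 500, 500)
    return {
        "same_parties": verify_cookie(secret, cookie, a, b, 500, 500),
        "other_source_ip": verify_cookie(secret, cookie, "198.51.100.8", b, 500, 500),
        "other_source_port": verify_cookie(secret, cookie, a, b, 4500, 500),
        "after_secret_change": verify_cookie(secrets.token_bytes(32), cookie, a, b, 500, 500),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

Because verification only recomputes the hash, the issuer keeps no per-request state, and a cookie obtained for one address and port pair is rejected when presented from any other.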

Internet cookies, small bits of data that travel from a browser to the web server, take their name from the term ‘magic cookies’; this is a reference to the fortune cookie, a cookie with an embedded message. While IPsec uses cookies to verify whether a user is authorized, Internet cookies are used to collect information on past website visits, which is then used to recommend services such as advertisements. While the two applications of cookies differ, their general use is somewhat similar in that cookies are minuscule collections of data that can be used to turn resource-intensive calculations into quick processes (Stallings, 2017).

Trivia Question:

In the movie, A Christmas Story, Ralphie gets a decoder ring in the mail that he uses to decode a message from the Little Orphan Annie radio show. What kind of cipher is the ring based on, and how would you use it to encrypt or decrypt messages?

In my research, I have found that Ralphie actually never receives a decoder ring, and instead uses a secret decoder pin; this, however, does not take away any of the interest of the encryption and decryption process. The ring used by Ralphie used a simple substitution cipher encryption scheme. To decrypt the message sponsored by Ovaltine, one would view the numbers and letters in the message and then merely replace them using the corresponding letter/number on the decoder ring. I remember this movie well, and the radio show would inform the listener to rotate the ring to a specific letter/number combo (such as B-2); this allowed the listener to be aligned with the master sheet. Once the listener used the master sheet, decoder, and the encrypted message correctly, the decoded message would be revealed. While the process is awesome, Ralphie, unfortunately, learned the hard way that advertising rules the world. The basic symmetrically encrypted message, “Be sure to drink your Ovaltine,” was decrypted, revealing to Ralphie the one thing he did not need to hear: drink more of what you have been continuously drinking.

References

Stallings, W. (2017). Network Security Essentials: Applications and Standards (6th ed.). Pearson.

Knudson, K. (2015, December 26). The Mathematics Behind Ralphie’s Secret Decoder Pin. Retrieved April 27, 2020, from https://www.forbes.com/sites/kevinknudson/2015/12/25/the-secret-decoder-pin/#536bf7aa344b
