blank.gif (43 bytes)

Church Of The
Swimming Elephant

Search:
6.3. Protocol Correctness Connected: An Internet Encyclopedia
6.3. Protocol Correctness

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 1446
Up: 6. Security Considerations
Prev: 6.2. Conformance
Next: 6.3.1. Clock Monotonicity Mechanism

6.3. Protocol Correctness

6.3. Protocol Correctness

The correctness of these SNMPv2 security protocols with respect to the stated goals depends on the following assumptions:

  1. The chosen message digest algorithm satisfies its design criteria. In particular, it must be computationally infeasible to discover two messages that share the same digest value.

  2. It is computationally infeasible to determine the secret used in calculating a digest on the concatenation of the secret and a message when both the digest and the message are known.

  3. The chosen symmetric encryption algorithm satisfies its design criteria. In particular, it must be computationally infeasible to determine the cleartext message from the ciphertext message without knowledge of the key used in the transformation.

  4. Local notions of a party's authentication clock while it is associated with a specific private key value are monotonically non-decreasing (i.e., they never run backwards) in the absence of administrative manipulations.

  5. The secrets for a particular SNMPv2 party are known only to authorized SNMPv2 protocol entities.

  6. Local notions of the authentication clock for a particular SNMPv2 party are never altered such that the authentication clock's new value is less than the current value without also altering the private authentication key.

For each mechanism of the protocol, an informal account of its contribution to the required goals is presented below.

Pseudocode fragments are provided where appropriate to exemplify possible implementations; they are intended to be self-explanatory.


Next: 6.3.1. Clock Monotonicity Mechanism

Connected: An Internet Encyclopedia
6.3. Protocol Correctness

Cotse.Net

Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!

Service Details

 
.
www.cotse.com
Have you gone to church today?
.
All pages ©1999, 2000, 2001, 2002, 2003 Church of the Swimming Elephant unless otherwise stated
Church of the Swimming Elephant©1999, 2000, 2001, 2002, 2003 Cotse.com.
Cotse.com is a wholly owned subsidiary of Packetderm, LLC.

Packetderm, LLC
210 Park Ave #308
Worcester, MA 01609