pem-dev

Re: playback attacks on PEM?

1992-11-20 20:50:00
I had written:
   >[ Sorry, I lost the attribution ]
   >>       Also, as Steve Crocker points out, use of any sort of message
   >> ID, covered by the PEM protection, will suffice to detect replays.  The
   >> use of sequence numbers also allows a recipient to detect deletions
   >> as well.
   >
   >Why not simply a date.  It won't prevent deletions, but replays
   >become irrelevant.

I realize now that a date IS some "sort of message ID", and I am just
repeating what Steve had pointed out.

Peter Williams <P(_dot_)Williams(_at_)cs(_dot_)ucl(_dot_)ac(_dot_)uk> replied:
why do you trust the source of the date? can this not be spoofed?

Can't the same be said of sequence numbers?  I assume the adversary
is not able to forge messages.  Replay attacks involve reissuing an
old message (or delaying a new one) so that its arrival will cause
confusion.  I don't see how such a confusion can occur if the message
is dated.  Unless, of course, it is your correspondent who is trying
to confuse you by lying about the date.

Maybe this view is too simplistic.

--
      Philippe Hebrais   hebrais(_at_)mirkwood(_dot_)cam(_dot_)org
   Voix: (514)731-9146   uunet!philmtl!altitude!mirkwood!hebrais

It's impossible to make things foolproof because fools are so ingenious...
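
The checks discussed in this thread, as an added example that is not part of the original message: a recipient verifies a sequence number and a date that are both covered by the message protection, and reports what each one detects. HMAC with a constructed key stands in for PEM's integrity protection; `protect`, `Receiver`, `MAX_AGE` and the sample messages are assumptions made for illustration.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

KEY = b"constructed-demo-key"    # assumption: HMAC stands in for PEM's integrity check
MAX_AGE = timedelta(hours=1)     # assumption: recipient's freshness window

def _tag(seq, date, body):
    # Sequence number and date are covered by the same protection as the body.
    return hmac.new(KEY, f"{seq}|{date.isoformat()}|".encode() + body,
                    hashlib.sha256).hexdigest()

def protect(seq, date, body):
    return {"seq": seq, "date": date, "body": body, "tag": _tag(seq, date, body)}

class Receiver:
    def __init__(self):
        self.next_seq = 1  # strictly increasing: a delayed message reads as a replay

    def accept(self, msg, now):
        """Return the list of findings for one arriving message."""
        expected = _tag(msg["seq"], msg["date"], msg["body"])
        if not hmac.compare_digest(expected, msg["tag"]):
            return ["integrity failure"]
        findings = []
        if msg["seq"] < self.next_seq:
            findings.append("replay")
        elif msg["seq"] > self.next_seq:
            findings.append(f"missing {self.next_seq}..{msg['seq'] - 1}")
        if now - msg["date"] > MAX_AGE:
            findings.append("stale date")
        self.next_seq = max(self.next_seq, msg["seq"] + 1)
        return findings or ["ok"]

def run_scenario():
    t0 = datetime(1992, 11, 20, 20, 0, tzinfo=timezone.utc)  # constructed sample data
    m1, m2, m3 = (protect(i, t0 + timedelta(minutes=i), b"order %d" % i)
                  for i in (1, 2, 3))
    redated = dict(m1, date=t0 + timedelta(hours=5))  # date altered, tag not recomputed
    rx = Receiver()
    return [
        rx.accept(m1, t0 + timedelta(minutes=2)),     # normal delivery
        rx.accept(m3, t0 + timedelta(minutes=4)),     # m2 was deleted in transit
        rx.accept(m1, t0 + timedelta(minutes=10)),    # early replay, date still fresh
        rx.accept(m1, t0 + timedelta(hours=5)),       # late replay
        rx.accept(redated, t0 + timedelta(hours=5)),  # replay with an altered date
    ]

if __name__ == "__main__": print(*run_scenario(), sep="\n")
```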
