
Re: Authentication Mechanism Matrix (was L2TP vs IPSEC)
There is no requirement that the pre-shared key has to come from the
authentication server. This is just a possibility. The pre-shared key can
in fact be local on the gateway.

If we run IPSec between the gateway and the legacy server, then I don't
think anyone would have any complaints about how we fetch the password.

If in fact the channel between the gateway and the authentication server is
insecure, then there are many vulnerabilities, and just protecting against
this "oracle" threat model doesn't buy us much.

    chinna

On Wed, 21 Jun 2000, Ben McCann wrote:

> "CHINNA N.R. PELLACURU" wrote:
> > 
> > Consider this model:
> > 
> > You add another AV pair to whatever legacy authentication server you are
> > using today, like an IKE-Pre-Shared-Key attribute. Now, we fetch the
> > pre-shared key from the legacy authentication server, and do the IKE
> > pre-shared key authentication in a way that it is not vulnerable to
> > passive off-line dictionary attacks. This will do the authentication of
> > the user in a way that IPSRA wants.
> 
> It is not safe to "fetch" the preshared key from the authentication
> server because now that server becomes an "oracle" that can be asked
> "Give me the pre-shared key for user FOO". The current Radius mechanism
> accepts queries of the form "Is FOO's password equal to BAR" and returns
> TRUE or FALSE. It requires an active dictionary attack to learn FOO's
> password is BAR rather than just _asking_ the server.
> 
> I know you could authenticate the gateway to the Radius server but
> I assert a PASS/FAIL mechanism has to be safer than just 'Tell me
> the secret' no matter how strongly you authenticate the gateway. So,
> I doubt the AAA group or the IAB would support a Radius change that
> requires the radius server to divulge the authentication secret.
> 
> -Ben McCann
> 
> -- 
> Ben McCann                              Indus River Networks
>                                         31 Nagog Park
>                                         Acton, MA, 01720
> email: bmccann@xxxxxxxxxxxxxx           web: www.indusriver.com 
> phone: (978) 266-8140                   fax: (978) 266-8111
> 

chinna narasimha reddy pellacuru
s/w engineer
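Ben's PASS/FAIL-versus-oracle distinction, as an added toy model that is not code from this thread or from any RADIUS implementation: an in-memory server exposing both query shapes, with per-user failure counting to show that each guess through the PASS/FAIL interface is a separate, visible and limitable server event, while the secret-divulging query answers in one. The class and function names, the sample users and the lockout threshold are constructed for the illustration.

```python
import hmac


class AuthServer:
    """In-memory stand-in for the legacy authentication server (constructed)."""

    def __init__(self, users, lockout_threshold=5):
        self._secrets = dict(users)          # user -> password / pre-shared key
        self.failed = {u: 0 for u in users}  # consecutive failed PASS/FAIL checks
        self.lockout_threshold = lockout_threshold

    def check_password(self, user, guess):
        """RADIUS-style query: "Is FOO's password equal to BAR?" -> True/False."""
        if user not in self._secrets:
            return False
        if self.failed[user] >= self.lockout_threshold:
            return False  # locked out: the answer no longer distinguishes right from wrong
        if hmac.compare_digest(self._secrets[user].encode(), guess.encode()):
            self.failed[user] = 0
            return True
        self.failed[user] += 1  # every wrong guess is recorded server-side
        return False

    def fetch_secret(self, user):
        """Oracle-style query: "Give me the pre-shared key for user FOO" -> the secret."""
        return self._secrets.get(user)


def guesses_needed(server, user, wordlist):
    """Queries spent against the PASS/FAIL interface before a hit, or None when
    the lockout stops the guessing first. Each query is an observable event."""
    for n, candidate in enumerate(wordlist, start=1):
        if server.check_password(user, candidate):
            return n
    return None


def compare_interfaces(user, wordlist):
    """Return (queries via the oracle, queries via PASS/FAIL, failures recorded)."""
    users = {"foo": "correct-horse", "bar": "hunter2"}  # constructed sample data
    oracle = AuthServer(users)
    oracle_queries = 1 if oracle.fetch_secret(user) is not None else 0
    verifier = AuthServer(users)
    n = guesses_needed(verifier, user, wordlist)
    return oracle_queries, n, verifier.failed[user]


if __name__ == "__main__":
    print(compare_interfaces("bar", ["password", "letmein", "hunter2"]))  # (1, 3, 0)
    print(compare_interfaces("foo", ["a", "b", "c", "d", "e", "correct-horse"]))  # (1, None, 5)
```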