
Raising the level ... was RE: Authentication Mechanism Matrix



I'd like to raise the level of discussion to consider what is possible
in secure roaming access, beyond the prior "Matrix".

At 10:42 PM 6/21/00 -0700, CHINNA N.R. PELLACURU wrote:
> I think the basic point is that whatever security a protocol like PIC can
> achieve, with a low entropy "human memorisable password", can be achieved
> within the scope of the current IKE standard. Obviously, we can't achieve
> more than what is cryptographically possible, with a low entropy password.

An interesting point.  ... which might lead one to ask:  What is possible?

Before 1990 or so, no one talked about how to negotiate a large key using
just a small password, in a way that kept the small secret safe.

Before 1993 or so, no one talked about extending these methods to
keep the server from storing data equivalent to the password.

Until recently, no one talked about how in a multi-server scenario you
can prevent *any single machine* from storing any password-crackable
data, allowing safe logins and safe storage of password-encrypted
private keys in the presence of evil system administrators.

"What is possible" is a moving target, but one at which few on
this list seem to be aiming.

I just don't understand the fixation on things like PIC.  But to be fair,
reading between the lines here, I also see no claim that PIC, or IKE, was
meant to achieve all that is cryptographically possible. 

> If your secret is "HRW#54", then the amount of security you can achieve
> using a protocol like PIC, can be achieved within the context of IKE as it
> exists today, and thus there is no real value to having another protocol
> like PIC.

Since, as you seem to say, neither provides any security against a 25 to 30-bit
off-line attack on a 25-to-30-bit password, I would tend to agree.

---------------------------------------------------
David P. Jablon
Integrity Sciences, Inc.
dpj@xxxxxxxxxxxxxxxxxxxxx
www.IntegritySciences.com