Re: Hybrid Authentication and Remote Access

[Tero Kivinen <kivinen@ssh.fi>]

Moshe Litvin writes:
> > > When dealing with remote users (with no fixed IP) the server has to
> > > remember some dynamic data to be able to do isakmp (it at least has to
> > > know that there is a remote user at that IP, it will probably want to
> > > know who is the user (perhaps that user is not permited to work at those
> > > hours so there is no need to waste effort on negotiation). In some case
> > > it will do some sort of NAT, so it will have to remember also this.
> > That information is usually stored in the ipsec SA and the ISAKMP SA
> > doesn't need to store that information. 
> This a strange implementation choice, you may have a lot of IPSEC SA's
> Simultaneously, and they will change all the time. Why do you want to
> copy all that information to every separate IPSEC SA (especially since
> you are so concerned about resource shortage).

That information must be inside the IPsec SA. It must know ip address
of the remote node, it is not interested in who the user, and it it
doesn't need to store that information. On the other hand isakmp
doesn't need to store anything about the IPsec SA after it has been
initialized and it can throw away all information about ISAKMP SA and
IPsec SA after it has installed IPsec SA to the IPsec engine.

If the ISAKMP module runs out of the memory it can safely throw away
everything that is not in the middle of the negotiation, and it
doesn't cause any more trouble than that we might have to renegotiate
the ISAKMP SA later.

Note, that for example the ISAKMP SA information stored in the ISAKMP
SA can be quite large, for example if you are using blowfish
encryption the encryption context is 4 kB.

The IPsec must store the protocol, spi, dst-addr, and algorithm
context (esp, ah, replay). New normal isakmp negotiation can be
started by the server by just one information the
destionation-address, everything else will be received from the isakmp
negotiation itself. So when the IPsec SA expires, it only needs to
send message to isakmp module saying that it wants to have new IPsec
SA with this destination host and the ISAKMP module will then check if
it already has an ISAKMP SA with that host and if not it will start
main mode.

ISAKMP module doesn't have to store anything about the remote users.

> The problem of rekeying is a direct consequences of the asymmetrical
> nature of the hybrid mode. The asymmetrical nature gives the ability to
> harness the powers of public key cryptography without using a full blown
> PKI, but there is such thing as free lunch. However implementations that
> are aware of that problem can solve it quite easily. 

If you create your own exchange for hybrid mode, you can also fix
this.
-- 
kivinen@iki.fi                               Work : +358-9-4354 3218
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/

---

Follow-Ups:

• Re: Hybrid Authentication and Remote Access
• From: Stephen Kent <kent@bbn.com>

References:

• Hybrid Authentication and Remote Access
• From: Vipul Gupta <vgupta@nobel.Eng.Sun.COM>
• Re: Hybrid Authentication and Remote Access
• From: "Scott G. Kelly" <skelly@redcreek.com>
• Re: Hybrid Authentication and Remote Access
• From: moshe@checkpoint.com (Moshe Litvin)
• Re: Hybrid Authentication and Remote Access
• From: Tero Kivinen <kivinen@ssh.fi>
• Re: Hybrid Authentication and Remote Access
• From: Moshe Litvin <moshe@checkpoint.com>
• Re: Hybrid Authentication and Remote Access
• From: Tero Kivinen <kivinen@ssh.fi>
• Re: Hybrid Authentication and Remote Access
• From: Moshe Litvin <moshe@checkpoint.com>

---

• Prev by Date: header of the Subjects
• Next by Date: Re: Hybrid Authentication and Remote Access
• Prev by thread: Re: Hybrid Authentication and Remote Access
• Next by thread: Re: Hybrid Authentication and Remote Access
• Index(es):
  • Main
  • Thread