
Re: Comments on "Hybrid Auth. mode for IKE"



Pyda Srisuresh writes:
[...much elided...]
> Say, the Certification Authority is down for some reason and no one can
> get certs from there. Wouldn't you agree, it would be a good idea to
> have a backup authentication scheme in such a case?

That depends on the strength of your backup auth scheme and the types 
of attacks that most concern you. Switching to a backup scheme invites 
selective denial-of-service attacks in which the adversary 
prevents you from getting the desired certs from the CAs. Instead you 
are forced to the security level of your backup auth scheme. 
If the secondary auth scheme is weaker than the primary, then it's
easier for the adversary to subvert the authentication than it 
would have been with no backup scheme. (This is somewhat similar to 
the rollback attacks on SSL wherein the parties are coerced to 
negotiate an unnecessarily weak common auth scheme.)

-Lewis
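
The argument above, as an added example that is not part of the original message: a scheme selector with an optional minimum-strength floor, showing that an adversary who can block the CA decides which scheme is used unless the fallback is refused. The scheme names, the numeric strengths and the `min_strength` policy knob are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AuthScheme:
    name: str
    strength: int    # constructed relative ranking, higher is stronger
    needs_ca: bool   # True if the scheme needs certs obtained from the CA

# Hypothetical schemes; the strengths are illustrative, not measured.
CERT_SIG = AuthScheme("cert-signature", 3, needs_ca=True)
BACKUP = AuthScheme("backup-scheme", 1, needs_ca=False)

def select_scheme(preferred, ca_reachable, min_strength):
    """Pick the first usable scheme in preference order.

    Returns (scheme, downgraded). scheme is None when nothing meets the
    floor, i.e. the exchange fails closed. downgraded is True when the
    first choice was skipped, which is the event worth logging.
    """
    for scheme in preferred:
        if scheme.needs_ca and not ca_reachable:
            continue  # cannot obtain certs, whether by outage or by attack
        if scheme.strength < min_strength:
            continue  # policy floor: refuse rather than fall back
        return scheme, scheme is not preferred[0]
    return None, False

def effective_strength(preferred, min_strength):
    """Strength the adversary must defeat if they can also deny CA access:
    the weakest scheme selected across both CA states they can force."""
    outcomes = []
    for ca_reachable in (True, False):
        scheme, _ = select_scheme(preferred, ca_reachable, min_strength)
        if scheme is not None:
            outcomes.append(scheme.strength)
    return min(outcomes) if outcomes else None

if __name__ == "__main__":
    for label, schemes, floor in [
        ("backup allowed", [CERT_SIG, BACKUP], 0),
        ("backup listed, floor=3", [CERT_SIG, BACKUP], 3),
        ("no backup", [CERT_SIG], 0),
    ]:
        print(label, "-> effective strength", effective_strength(schemes, floor))
```

With the floor in place a blocked CA still costs availability, but it no longer lowers the strength of the authentication that is accepted.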

