Re: Comments on "Hybrid Auth. mode for IKE"
Pyda Srisuresh writes:
[...much elided...]
> Say, the Certification Authority is down for some reason and no one can
> get certs from there. Wouldn't you agree, it would be a good idea to
> have a backup authentication scheme in such a case?
That depends on the strength of your backup auth scheme and the types
of attacks that most concern you. Switching to a backup scheme invites
selective denial-of-service attacks in which the adversary
prevents you from getting the desired certs from the CAs. Instead you
are forced to the security level of your backup auth scheme.
If the secondary auth scheme is weaker than the primary, then it's
easier for the adversary to subvert the authentication than it
would have been with no backup scheme. (This is somewhat similar to
the rollback attacks on SSL wherein the parties are coerced to
negotiate an unnecessarily weak common auth scheme.)
-Lewis