[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: New XAUTH draft
Hi Stephane,
Stephane Beaulieu wrote:
>
> <snip>
> > > Perhaps more importantly, I was also referring to the stability,
> > > analyzability, and other security-related properties of IKE. I think
> > > adding proxy servers for even 1 (let alone 16) secondary
> > > authentication
> > > protocols substantially impacts upon the security
> > > characteristics of the
> > > implementation.
> <snip>
>
> I assume that by this you mean that if a Phase 1 SA is used to secure XAUTH
> messages, then the Phase 1 SA becomes more susceptible to attack as more
> XAUTH data is encrypted. If not, please elaborate.
>
No, actually I'm referring to stability, analyzability, and other
security characteristics. Adding more complexity and states to IKE makes
it harder to analyze, and more susceptible to a variety of attacks.
There are a number of people better qualified to discuss this than I am
who might want to jump in here...
> <snip>
> > I'm missing the point again, I think. What is it about setting up
> > multiple SAs (2 in this case) which is insecure, and how is this
> > different than rekeying?
> <snip>
>
> If I did interprate your above comment correctly... My point was that
> whether you secure an XAUTH transaction with a Phase 1 SA or whether you use
> a Phase 1 SA to spawn a Phase 2 SA to secure an XAUTH transaction your
> reducing the lifetime of a Phase 1 SA.
Okay, I agree that you're consuming phase 1 entropy, but it's only
insecure if you don't have enough entropy to begin with, which can be
remedied in a number of ways, including starting with more, or rekeying,
right?
Scott
References: