[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Comment on xauth and hybrid

To: "'Tamir Zegman'" <zegman@checkpoint.com>
Subject: RE: Comment on xauth and hybrid
From: Greg Carter <greg.carter@entrust.com>
Date: Thu, 22 Jul 1999 13:53:47 -0400
Cc: ipsec@lists.tislabs.com, ietf-ipsra@vpnc.org
Sender: owner-ipsec@lists.tislabs.com

Hi Tamir,

	I think that Dan was talking about the use of a global pre-shared
key in Phase1.
	This is not Hybrid.
	Could you refer me to that above mentioned thread?

Hybrid expects the Secure GW to use keying material it hasn't authenticated
yet, to me this is similar to the global shared key case.

	With regard to DoS attacks this weakness is inherent to IKE as it is
today:
	I assume you are not talking about Aggressive mode which opens you
to very
	vicious DoS attacks no matter what authentication you are using but
on MainMode.

Except with regular IKE at the end of phase 1 you have authenticated the
client, so if it fails you can through away state.  Hybrid you must keep the
phase 1 state around and do an XAUTH to authenticate the client.  Given that
most of the XAUTH methods (token cards) are rather lengthy operations I
think this is worse, especially given that you'll have to allow for mistyped
responses and have to 'retry' the AXUTH a number of times before failing.
Or do you force a new phase 1 for each XAUTH attempt? 

> [Greg Carter] I meant 'soft' challenge/response tokens:
>
> http://www.securitydynamics.com/products/datasheets/securidst-ds.html
> <http://www.securitydynamics.com/products/datasheets/securidst-ds.html>
>
> http://www.axent.com/product/dsbu/def2.htm#secure
> <http://www.axent.com/product/dsbu/def2.htm#secure>
>
> , which you as a SGW have no way of knowing the user is using.  So you can
> not guarantee that the user is using a 'hard' token, so the arguments that
> challenge/response tokens are more "secure" than public key are not valid.
>


	I think we agree. I was talking about hardware legacy tokens while
you are
	discussing software.
	I was not trying to say that Hybrid is better than signatures but
that in some
	situations it is not much worse.

I know your were talking about hardware tokens, I was pointing out that it
is impossible for your gateway to distinguish a SecurID hardware token user
from a SecurID software token user. So how can you make claims that using
hardware tokens is better if there is no cryptographic way to prove the
client is using them?

Again I don't care if others want to do this, just don't claim it is better,
or equivalent to existing IKE.
Bye.

Follow-Ups:

Re: Comment on xauth and hybrid

From: Tamir Zegman <zegman@checkpoint.com>

Prev by Date: Re: Checking incoming traffic against SPD
Next by Date: RE: XAUTH is broken
Prev by thread: Re: Comment on xauth and hybrid
Next by thread: Re: Comment on xauth and hybrid
Index(es):
- Main
- Thread