[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Weak authentication in Xauth and IKE

To: Jianying Zhou <jyzhou@krdl.org.sg>
Subject: Re: Weak authentication in Xauth and IKE
From: Jan Vilhuber <vilhuber@cisco.com>
Date: Fri, 20 Aug 1999 11:09:35 -0700 (PDT)
cc: John Pliam <pliam@ima.umn.edu>, ipsec@lists.tislabs.com
In-Reply-To: <Pine.GSO.4.02.9908201236070.11521-100000@arizona>
Reply-To: Jan Vilhuber <vilhuber@cisco.com>
Sender: owner-ipsec@lists.tislabs.com

On Fri, 20 Aug 1999, Jianying Zhou wrote:
> > After the adversary computes k (knowing everything) she decrypts
> 
> 
> How does the adversary know everything to computer k ???
> The initiator uses the pw shared with R (not M) to compute s
> and derive k. Does the adversary know pw in advance?
> 
Isn't this exactly the case, if people start using the dreaded
group-pre-shared-secret, i.e. assign a single shared-secret to all their
dial-in customers?

jan
 --
Jan Vilhuber                                            vilhuber@cisco.com
Cisco Systems, San Jose                                     (408) 527-0847

Follow-Ups:

Re: Weak authentication in Xauth and IKE

From: John Pliam <pliam@ima.umn.edu>

References:

Re: Weak authentication in Xauth and IKE

From: Jianying Zhou <jyzhou@krdl.org.sg>

Prev by Date: Re: ID Policy: was RE: Non-IP type Client IDs
Next by Date: Re: Weak authentication in Xauth and IKE
Prev by thread: Re: Weak authentication in Xauth and IKE
Next by thread: Re: Weak authentication in Xauth and IKE
Index(es):
- Main
- Thread