[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Weak authentication in Xauth and IKE
Jan Vilhuber wrote:
> Isn't this exactly the case, if people start using the dreaded
> group-pre-shared-secret, i.e. assign a single shared-secret to all their
> dial-in customers?
I think there really are 2 distinct issues here:
i. Unless you assign every user to a distinct group,
there is a serious risk that a lost laptop etc will
yield the desired password. (This risk has been
discussed on various threads.)
ii. Even if you assign every user a distinct group
password, and you diligently revoke these as
soon as they become compromised, there is
still the risk that an adversary will carry out
an attack to *discover* your password. (This
risk is not so clear from the threads I have read.)
So a "group password" is a bad thing, both because it
is a password (has "low entropy") and because it is shared
among some group (regardless of its strength). Jianying
correctly pointed out a flaw in my attack which was
corrected is a separate post. But dictionary attacks are
always possible against weak shared secrets even if they
are shared between users.
John
References: