
Re: New XAUTH draft

Paul Koning wrote:
<sic>

>  
> To put it differently, can you describe an attack that demonstrates
> your assertion?  Say that you and I are both using XAUTH to
> authenticate with a central site, using a preshared key common to the
> three of us.  Can you demonstrate an attack that allows you to
> impersonate me, resulting in IPSec SAs to your box that appear to be
> bound to my identity?  If so, then I would agree to your assertion.
> But if not, it seems to me your assertion is either invalid or not
> useful, and XAUTH is then shown to provide an additional service.

Actually I think I can give you such an attack.
Assume that Paul and Daniel have the same shared key to connect to the
Security Gateway (SG).
Daniel can mount a simple man-in-the-middle attack:
When Paul tries to connect to the SG, Daniel spoofs the SG and simultaneously
has his own Phase 1 with the SG.
Paul finishes the Phase 1 and proceeds to XAUTH talking with Daniel but
thinking he is talking to the SG.
By serving as proxy during the XAUTH exchange, Daniel makes the SG believe
it is speaking with Paul.
At the end of XAUTH, not only did Daniel make the SG believe it is talking
with Paul, but Dan has also acquired Paul's credentials.
Assuming these credentials are static, he can now impersonate Paul whenever
he wants.
Even if the credentials are static, Dan can use the IKE SA to negotiate
Quick Mode.
Hybrid was designed to resist exactly this kind of attack.

Tamir.
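The scenario in the message above, reduced to a runnable model. This is an added example written for this page, not code from the thread or from any XAUTH or Hybrid implementation. It assumes a toy Phase 1 in which the responder proves itself with a keyed hash over the exchanged nonces and its claimed identity: with a group pre-shared key, that keyed hash is computed under a secret Daniel also holds, so Paul cannot distinguish Daniel from the SG; in the "hybrid" variant the SG's proof is computed under a secret only the SG has (a stand-in for a private signing key that clients verify with the public key), so Daniel cannot play the SG and the XAUTH exchange never reaches him. All key values and Paul's credentials are constructed sample values.

```python
"""Model of the group-PSK XAUTH man-in-the-middle from the thread, and of why
server-side asymmetric authentication ("Hybrid") blocks it. Toy protocol only."""
import hashlib
import hmac
import secrets

GROUP_PSK = b"constructed-group-psk"          # held by Paul, Daniel and the SG
SG_SIGNING_SECRET = b"constructed-sg-only"    # stand-in for SG's private key; Daniel lacks it
SG_VERIFY_KEY = SG_SIGNING_SECRET             # stand-in for the public key every client holds

PAUL_CREDENTIALS = {"user": "paul", "password": "constructed-pw"}   # static XAUTH credentials
SG_USER_DB = {"paul": "constructed-pw"}                              # SG's XAUTH user database


def authenticator(key, ni, nr, claimed_identity):
    """Responder's Phase 1 proof: keyed hash over both nonces and the identity it claims."""
    return hmac.new(key, ni + nr + claimed_identity, hashlib.sha256).digest()


def initiator_accepts(responder_auth, ni, nr, claimed_identity, hybrid):
    """Paul's check. PSK mode: verify under the group key. Hybrid mode: verify under
    the SG's (public) verification key, which only the real SG can match."""
    verify_key = SG_VERIFY_KEY if hybrid else GROUP_PSK
    expected = authenticator(verify_key, ni, nr, claimed_identity)
    return hmac.compare_digest(responder_auth, expected)


def sg_xauth_check(reply):
    """SG validates the XAUTH reply against its user DB. It binds the resulting identity
    to whichever IKE SA the reply arrived on, which is the crux of the attack."""
    return SG_USER_DB.get(reply.get("user")) == reply.get("password")


def phase1_with_real_sg(hybrid):
    """Control case: Paul talking to the genuine SG succeeds in both modes."""
    ni, nr = secrets.token_bytes(16), secrets.token_bytes(16)
    sg_key = SG_SIGNING_SECRET if hybrid else GROUP_PSK
    return initiator_accepts(authenticator(sg_key, ni, nr, b"SG"), ni, nr, b"SG", hybrid)


def run_mitm_scenario(hybrid):
    """Daniel sits between Paul and the SG. Returns what Daniel achieved."""
    outcome = {
        "paul_accepts_daniel_as_sg": False,
        "daniel_has_paul_credentials": False,
        "sg_binds_paul_identity_to_daniels_sa": False,
    }
    # Paul -> Daniel (posing as the SG): Phase 1 nonces.
    ni, nr = secrets.token_bytes(16), secrets.token_bytes(16)
    # Daniel answers with the best key he has, the group PSK, claiming the SG's identity.
    daniel_as_sg_auth = authenticator(GROUP_PSK, ni, nr, b"SG")
    outcome["paul_accepts_daniel_as_sg"] = initiator_accepts(
        daniel_as_sg_auth, ni, nr, b"SG", hybrid)
    if not outcome["paul_accepts_daniel_as_sg"]:
        return outcome  # Paul aborts Phase 1; no XAUTH exchange ever happens.

    # Meanwhile Daniel runs his own legitimate Phase 1 with the SG (he holds the PSK),
    # and the SG's XAUTH challenge arrives over Daniel's SA.
    challenge = {"type": "xauth-request", "attrs": ["user", "password"]}
    # Daniel relays the challenge to Paul, who answers over the SA he believes ends at the SG.
    paul_reply = {attr: PAUL_CREDENTIALS[attr] for attr in challenge["attrs"]}
    outcome["daniel_has_paul_credentials"] = paul_reply == PAUL_CREDENTIALS
    # Daniel forwards the answer to the SG over his own SA; the SG accepts and binds "paul"
    # to that SA, so Quick Mode SAs negotiated on it carry Paul's identity.
    outcome["sg_binds_paul_identity_to_daniels_sa"] = sg_xauth_check(paul_reply)
    return outcome


if __name__ == "__main__":
    for mode in (False, True):
        print("hybrid" if mode else "group PSK", run_mitm_scenario(mode))
```

The defensive point the model makes explicit: Paul's acceptance test in PSK mode depends only on a secret shared by every member of the group, so it authenticates "someone in the group", not "the SG". The fix is not in XAUTH itself but in what Phase 1 binds: once the gateway's proof depends on a key no client holds, the relay cannot even begin, and the XAUTH credentials never leave Paul's real SA.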