
RE: IPSEC Security Gateways & NAT



Derek,

ID protection is still valid as of today's mechanism (after the DH key exchange).
The IP address is not a user ID for user authorization or authentication.

The IP address is the machine ID (and maybe a group user ID)
that will help to reduce random DOS attacks *only*.

If we tunnel the IKE message, the inner IP address is not altered by the
NAT device(s) in between the two SGs.
It could be an unreachable address.
Whether NAT exists or not, the outer IP address is a reachable address; the
inner address may or may not be routable and is only for preventing DOS attacks.

As for the mechanism,
it seems enough to use something as simple as a modified CHAP mechanism with
the freedom of choosing the hashing algorithm.
The random number is visible but
protects from replay attacks (replay helps DOS attacks).
It is an idea to let the initiator generate the random number.


Regards,

--- David
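As an added illustration (not code from this thread or from any IKE implementation), the following sketch shows the CHAP-style pre-shared-key check David describes, with the ID sent in the clear as Derek notes it must be, the initiator choosing the nonce, and the responder rejecting replays without ever trusting the source IP. The peer names, key table and addresses are constructed for the example.

```python
import hmac
import os

# Constructed sample key table: the responder identifies a peer by its ID,
# never by source IP, since a NAT between the gateways may rewrite that address.
PSK_TABLE = {
    b"sg-west.example": b"constructed-secret-west",
    b"sg-east.example": b"constructed-secret-east",
}

def _tag(psk, hash_name, peer_id, nonce):
    # Bind the hash choice and the cleartext ID into the MAC so neither can be swapped.
    return hmac.new(psk, hash_name.encode() + b"|" + peer_id + b"|" + nonce, hash_name).digest()

def make_auth(peer_id, psk, hash_name="sha256"):
    """Initiator side: pick the nonce itself and send ID, hash name, nonce and MAC in the clear."""
    nonce = os.urandom(16)
    return {"id": peer_id, "hash": hash_name, "nonce": nonce, "tag": _tag(psk, hash_name, peer_id, nonce)}

class Responder:
    def __init__(self, psk_table, allowed_hashes=("sha256", "sha512")):
        self.psk_table = psk_table
        self.allowed_hashes = set(allowed_hashes)
        self.seen = set()  # (id, nonce) pairs; a real gateway bounds this with a time window

    def verify(self, msg, src_ip):
        """Cheap check run before any DH work; src_ip is for logging only, never for lookup."""
        psk = self.psk_table.get(msg["id"])
        if psk is None:
            return "unknown-id"
        if msg["hash"] not in self.allowed_hashes:
            return "bad-hash"
        expected = _tag(psk, msg["hash"], msg["id"], msg["nonce"])
        if not hmac.compare_digest(expected, msg["tag"]):
            return "bad-tag"
        # Only authenticated messages populate the replay cache.
        if (msg["id"], msg["nonce"]) in self.seen:
            return "replay"
        self.seen.add((msg["id"], msg["nonce"]))
        return "ok"

def demo():
    r = Responder(PSK_TABLE)
    msg = make_auth(b"sg-west.example", PSK_TABLE[b"sg-west.example"])
    results = [r.verify(msg, "203.0.113.5")]         # first arrival: accepted
    results.append(r.verify(msg, "198.51.100.7"))    # same message again via another NAT address: replay
    forged = dict(msg, tag=_tag(b"wrong-key", msg["hash"], msg["id"], msg["nonce"]))
    results.append(r.verify(forged, "203.0.113.5"))  # MAC under the wrong key: rejected
    results.append(r.verify(dict(msg, id=b"nobody.example"), "203.0.113.5"))
    return results
```

The responder's per-message cost is one HMAC, which is what makes a pre-DH check worthwhile against clogging; the price, as the thread says, is that the ID travels in the clear.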


-----Original Message-----
From: Derek Atkins [mailto:warlord@MIT.EDU]
Sent: Monday, June 18, 2001 9:30 PM
To: jshukla
Cc: Chen, David; 'Dan Harkins'; ipsec@lists.tislabs.com
Subject: Re: IPSEC Security Gateways & NAT


"jshukla" <jshukla@earthlink.net> writes:

> This is a very good point! In pre-shared key based
> authentication, there is no reason that the authentication
> must wait until the DH related work is done. Authenticating
> prior to DH can potentially make the IKE even more
> resistant to DoS attacks under pre-shared key. Already the
> anti-clogging cookies ensure that the attacker must perform
> almost an equal amount of work until message 4. With source
> authentication before DH, we need not perform the work that
> is necessary to process message 5.... if the source is not
> authenticated.

However in order for pre-shared key to work as you suggest
(authentication before DH) you have to know a-priori the ID of your
peer in order to perform the authentication.  This implies that
either:
	a) you have to deny ID protection and send IDs in
	   the clear early in the protocol, or
	b) you have to use IP Addresses as names.

You cannot use IP Addresses as names when traversing NAT, because the
IP Address is going to be changed by the NAT gateway to an unknown
address.  So, you either have to send IDs in the clear, or you have to
perform the DH first.

Note that an attacking initiator need not request pre-shared keys in
order to mount a DDoS attack against a responder.  Other
authentication means are just as susceptible.

> regards,
> Jayant

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available

