[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI: preshared

To: Henry Spencer <henry@spsystems.net>
Subject: Re: SOI: preshared
From: Michael Thomas <mat@cisco.com>
Date: Tue, 20 Nov 2001 15:11:19 -0800 (PST)
Cc: IP Security List <ipsec@lists.tislabs.com>
In-Reply-To: <Pine.BSI.3.91.1011119151452.9317C-100000@spsystems.net>
References: <15353.24948.198728.631259@thomasm-u1.cisco.com><Pine.BSI.3.91.1011119151452.9317C-100000@spsystems.net>
Sender: owner-ipsec@lists.tislabs.com

Henry Spencer writes:
 > > You could
 > > conceivably get rid of the DH if you don't care
 > > about identity, but for preshared keys it seems
 > > questionable why you'd want to do _either_.
 > 
 > Today's preshared keys are for authentication, not encryption, so the DH
 > step is not optional -- they often are things like English phrases, which
 > may be okay for authentication but definitely does not provide encryption
 > strong enough to adequately protect session-key exchanges. 

   Well, it need not be -- especially if you buy into 
   Cheryl's premise that IKE is a machine-machine
   protocol more than a user-user protocol. It's
   not hard to choose and remember a symmetric key
   which isn't subject to dictionary attacks if
   you're a machine, after all.

   But this really does beg the question of what
   the requirement actually is here. Do we need to
   have a well-supported/efficient peer to peer
   preshared key scheme for IKE or not. If we
   do, it informs this debate. If we do not, we
   can skip this debate altogether.

	    Mike

References:

Re: SOI: preshared

From: Michael Thomas <mat@cisco.com>

Re: SOI: preshared

From: Henry Spencer <henry@spsystems.net>

Prev by Date: IKE-SIGMA: draft-krawczyk-ipsec-ike-sigma-00.txt
Next by Date: Re: SOI: identity protection and DOS
Prev by thread: Re: SOI: preshared
Next by thread: Re: SOI: preshared
Index(es):
- Main
- Thread