Re: SOI: identity protection and DOS
----- Original Message -----
Sent: Monday, November 26, 2001 5:40 PM
Subject: RE: SOI: identity protection and DOS

> At 5:06 PM -0500 11/26/01, Andrew Krywaniuk wrote:
> > > Positive traits of IKEv1 pre-shared keys:
> > >   a) easy for each party to set up
> > >   b) not susceptible to CRL time lag or CA key compromise
> > >   c) fewer exponentiations on each side for IPsec key setup
> > >
> > > Negative traits of IKEv1 pre-shared keys:
> > >   d) hard to scale
> > >   e) unless identity protection is not needed, the initiator must be at
> > >      known IP address, and there must be only one pre-shared key at that
> > >      address
> > >   f) out-of-band swapping of the key must be done privately
> >
> > Some comments on this:
> >
> > (e) is only due to a flaw in IKEv1, and is unrelated to the use of preshared
> > keys in general.
>
> Yup. Some people think that identity protection is absolutely needed
> in every circumstance, but most people would agree that identity
> protection isn't worth preventing pre-shared secrets from working
> with mobile users.
>
> > (f) is not really valid because you need an out-of-band mechanism either
> > way.
>
> Not true. You only need an authenticated transport for the public key
> hashes: you don't have to keep them private.
>
> > (d) is the real reason for not using preshared keys.
>
> ...for some people. In many environments, scaling is not an issue.
> It is easy to argue that setting up a simple CA and keeping its key

I suppose the CA's public key never changes. :-)
Otherwise, the CA's new public key(s) has to pass on the phone too.

> secret and issuing CRLs and so on for a 5-gateway WAN is more
> difficult than passing around five preshared secrets on the phone.
>
> --Paul Hoffman, Director
> --VPN Consortium
>
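Trait (e) above is the one that is easy to misread, so here is an added illustration of it (this is not code from the thread or from any IKE implementation). It models the pre-shared-key branch of IKEv1 Phase 1: SKEYID = prf(pre-shared-key, Ni_b | Nr_b), and in main mode the initiator's identity arrives in message 5 encrypted under a key derived from SKEYID. The responder therefore has to pick the pre-shared key before it can read the identity, and the only selector it has at that point is the peer's IP address. Aggressive mode sends the identity in the clear, which lets the responder key its lookup on the identity but gives up identity protection. Assumptions: HMAC-SHA256 stands in for the prf, a toy HMAC keystream XOR stands in for IKE's CBC encryption, HASH_I is reduced to prf(SKEYID, Ni | Nr | ID), and the addresses, identities, nonces and keys are constructed.

```python
import hmac
import hashlib


def prf(key: bytes, data: bytes) -> bytes:
    """IKEv1's negotiated prf, instantiated here as HMAC-SHA256 (assumption)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy stand-in for IKE's CBC encryption: XOR with an HMAC-derived keystream.
    It is symmetric, so the same call decrypts. Constructed for illustration only."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += prf(key, counter.to_bytes(4, "big"))
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def skeyid_psk(psk: bytes, ni: bytes, nr: bytes) -> bytes:
    """RFC 2409 pre-shared-key authentication: SKEYID = prf(pre-shared-key, Ni_b | Nr_b)."""
    return prf(psk, ni + nr)


def hash_i(skeyid: bytes, ni: bytes, nr: bytes, ident: bytes) -> bytes:
    """Simplified HASH_I (the real one also covers the DH values, cookies and SAi_b)."""
    return prf(skeyid, ni + nr + ident)


def main_mode_msg5(psk: bytes, ni: bytes, nr: bytes, ident: bytes) -> bytes:
    """Initiator's main-mode message 5: IDii and HASH_I, encrypted under SKEYID_e.
    Nothing in it is readable without first choosing the right pre-shared key."""
    skeyid = skeyid_psk(psk, ni, nr)
    return xor_stream(prf(skeyid, b"e"), ident + hash_i(skeyid, ni, nr, ident))


class Responder:
    def __init__(self):
        self.psk_by_ip = {}
        self.psk_by_id = {}

    def add_peer(self, ident: bytes, src_ip: str, psk: bytes) -> None:
        self.psk_by_id[ident] = psk
        # Main mode can only select the key by source address, so a second peer
        # behind the same address silently replaces the first one's key.
        self.psk_by_ip[src_ip] = psk

    def verify_main_mode(self, src_ip: str, ni: bytes, nr: bytes, ciphertext: bytes):
        """Returns the authenticated identity, or None. Key chosen by IP address."""
        psk = self.psk_by_ip.get(src_ip)
        if psk is None:
            return None
        skeyid = skeyid_psk(psk, ni, nr)
        plain = xor_stream(prf(skeyid, b"e"), ciphertext)
        ident, received = plain[:-32], plain[-32:]
        if hmac.compare_digest(received, hash_i(skeyid, ni, nr, ident)):
            return ident
        return None

    def verify_aggressive_mode(self, ident: bytes, ni: bytes, nr: bytes, received: bytes):
        """Aggressive mode: IDii was sent in the clear in message 1, so the key can
        be chosen by identity, at the cost of exposing that identity on the wire."""
        psk = self.psk_by_id.get(ident)
        if psk is None:
            return None
        skeyid = skeyid_psk(psk, ni, nr)
        if hmac.compare_digest(received, hash_i(skeyid, ni, nr, ident)):
            return ident
        return None


def demo() -> dict:
    """Two roaming users behind one NAT address (all values constructed)."""
    nat_ip = "203.0.113.7"
    ni, nr = b"\x11" * 16, b"\x22" * 16
    alice, bob = b"alice@example.test", b"bob@example.test"
    alice_psk, bob_psk = b"alice-psk-constructed", b"bob-psk-constructed"

    r = Responder()
    r.add_peer(alice, nat_ip, alice_psk)
    r.add_peer(bob, nat_ip, bob_psk)   # overwrites Alice's key for that address

    aggr_alice = hash_i(skeyid_psk(alice_psk, ni, nr), ni, nr, alice)
    aggr_bob = hash_i(skeyid_psk(bob_psk, ni, nr), ni, nr, bob)
    return {
        "main_alice": r.verify_main_mode(nat_ip, ni, nr, main_mode_msg5(alice_psk, ni, nr, alice)),
        "main_bob": r.verify_main_mode(nat_ip, ni, nr, main_mode_msg5(bob_psk, ni, nr, bob)),
        "aggr_alice": r.verify_aggressive_mode(alice, ni, nr, aggr_alice),
        "aggr_bob": r.verify_aggressive_mode(bob, ni, nr, aggr_bob),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

Running `demo()` shows the trade-off the list item describes: with main mode, only whichever key was last configured for the shared address works, so Alice's authentication fails while Bob's succeeds; with aggressive mode both succeed, but only because their identities were sent unprotected. Keying the lookup on identity without exposing it is exactly what IKEv1 main mode cannot do with pre-shared keys.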