[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: On shared keys (was RE: SOI: identity protection and DOS)

To: "Wang, Cliff" <CWang@smartpipes.com>
Subject: Re: On shared keys (was RE: SOI: identity protection and DOS)
From: Derek Atkins <warlord@mit.edu>
Date: 30 Nov 2001 16:14:06 -0500
Cc: "'Sandy Harris'" <sandy@storm.ca>, "'IPsec WG'" <ipsec@lists.tislabs.com>
In-Reply-To: "Wang, Cliff"'s message of "Fri, 30 Nov 2001 18:52:54 -0000"
References: <4652644B98DFF34696801F8F3070D3FE0118846F@D2CSPEXM001.smartpipes.com>
Sender: owner-ipsec@lists.tislabs.com

"Wang, Cliff" <CWang@smartpipes.com> writes:

> [cliff] Again, using provisioning and management tools, managing n*(n-1)/2
> unique keys does not pose a scalability issue at all. The key can be
> provisioned to each box easily, since both ends of a tunnel are under the
> same management. On the other side, when you are using cert, you still have
> to deal the issue of sending the private key to the box, if the key pair is
> generated outside of the box, or deal with the issue of making cert request
> and then later install the cert. Do you think that is easier than just
> delivering the PSK to the device by management software?

You presuppose a CA.  I can envision a system (it exists today) where
the key is generated on the box and no external communication is
required.  No cert_req; no cert_resp.  As a device manager all you
have to do is read the public key off the device and use it.

> [sandy]
> With public key, you need only n key pairs. There is no need to communicate
> keys securely; the system is designed to work even if the enemy knows the
> public keys. Nor do you have to manage security for multiple keys, or keep
> track of who each key is shared with. You just need to keep your private key
> secure, not shared with anyone.
>   
> [cliff] It depends where the key pair is generated. If it is generated
> inside the box, you need to get the cert request out and then later install
> the issued cert. You also have to install root CA chain to each box. You
> also have to do CRL checking. Simple comparison between N key pair vs.
> n*(n-1)/2 unique keys is unfair. You have to look at the whole picture.

Again, you are imposing a Certification Authority which does not
necessarily exist.  It certainly is not required.

> So please look at the whole picture and realize that PSK based VPN has been
> offered by service providers and accepted happily by tens-of-thousands
> customers because of its simplicity and good scalability when such VPN
> systems are deployed via provisioning and management tools.

And sand has been offered by oasis's in deserts all around the world
for centuries, and people will still drink it.

Yes, you have to look at the whole picture, and realize that you're
placing additional, needless constraints on the problem (namely an
external Certificate Authority with all the trimmings).  If you
compare apples to apples (instead of apples to oranges, which is what
you're doing), you would be comparing Pre-Shared Public Keys (without
a CA) to Pre-Shared Symmetric Keys.

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available

References:

RE: On shared keys (was RE: SOI: identity protection and DOS)

From: "Wang, Cliff" <CWang@smartpipes.com>

Prev by Date: RE: On shared keys (was RE: SOI: identity protection and DOS)
Next by Date: Re: On shared keys (was RE: SOI: identity protection and DOS)
Prev by thread: RE: On shared keys (was RE: SOI: identity protection and DOS)
Next by thread: RE: On shared keys (was RE: SOI: identity protection and DOS)
Index(es):
- Main
- Thread