[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Please save the pre-shared key mode



Alex,
I have demo why the Pre-shared public key is better than pre-shared
symmetric key.
I don't want to repeat myself.
However, you mention the social/political issues and 60's & 70's...,
I have to remind you that the purpose of secruity and secrecy is to serve
the *privacy*.
The privacy is individual or a group of individual.
The government is... well, a group of individuals.

Regardless which side you chose to belong to,
"the security is to serve privacy" is always true.

Don't see scientific argument, analysis and inference here but
religious.

--- David


----- Original Message -----
From: "Alex Alten" <Alten@netvista.net>
To: "Wang, Cliff" <CWang@smartpipes.com>; <ipsec@lists.tislabs.com>
Sent: Wednesday, December 05, 2001 10:20 PM
Subject: Re: Please save the pre-shared key mode


>
> I *strongly* 2nd this motion.  It would be extremely foolish
> to eliminate PSK support.  Foolish in this case translates into
> lots of extra expensive hardware, etc., for our poor customers.
>
> Of course software can handle the complexity of key distribution,
> thus eliminating the supposed advantage of PK v.s. PSK.
>
> Cliff, you need to understand the reason why PK is so popular
> with the IP crowd here.  Basically most of the older, influencial
> developers/architects are very pro-privacy. They grew up in the 60's
> and 70's during the height of the US Vietnam anti-war protests.
> PK really fits into their group-think philosphy of distrusting the
> government or whatever (dispite the fact that in the US, Europe and
> Japan most governments are very representative of the people).
>
> Unfortunately for them, in the real world, IP routing layer
> infrastructure is owned by corporate or governmental organizations,
> not by individuals.  Therefore privacy is being granted by the
> organization to the individual in order to use and access network
> resources owned by that organization.  PK does *not* fit this model
> very well.  After all why does an individual need generate a private
> key to access an organization's computers?  Might as well just hand
> him the private key, therefore PSK works just as well.
>
> The pity is that this heavy bias toward PK then blinds these guys
> and gals to the real problems with PK, primarily that it is **dog
> slow**, and tends to expand things (to the modulus size) thus making
> it a pain-in-the-ass to stick into a protocol (especially one that
> has to go over a slow, noisy wireless link).  Basically PK is
> the crypto world's equivalent of the networking world's ASN.1.
> It will be with us always whether we like it or not. Ugh.
>
> BTW, AtHome made it very clear to me recently that I (or my ISP ATT/TCI)
> had absolutely no rights to their network computers (like my email inbox
> on one of their servers).  A rather clear demonstration of the fact
> that my network access is a privilege granted by an organization (in
> exchange for money in this case), not a right.  Therefore using PK for
> it's secret private key advantage is rather useless.  AtHome would
> have cared less if I used PK or PSK with a VPN to access their email
> server.
>
> - Alex
>
>
>
>
> At 08:27 PM 12/5/2001 -0000, Wang, Cliff wrote:
> >
> >
> > I have noticed that pre-shared key has been eliminated in the
> > new key management protocol drafts. I understand the urge to
> > simplify the existing IKE protocol. However, I do think that
> > pre-shared key mode should be left as an option. There are a
> > couple of reasons for that suggestion:
> >
> > 1) Simplicity
> > Pre-shared key mode is simpler to support by eliminating the
> > requirement of supporting complex PKI. Without the pre-shared
> > key mode, are we forcing ourselves into using PKI system
> > (assuming we are not using KINK)? If so, I would like to suggest
> > that the new IKE replacement draft authors add the PSK options.
> > There are many existing deployment of PSK based IPsec VPN and
> > service providers are happy to keep the way it is without using
> > PKI.
> >
> > 2) Cost
> > Running PKI requires additional resources and increase the overall
> > cost of VPN deployment for managed service providers, while end
> > customer sees no increased benefits. If a customer out-sources his
> > VPN and he only cares about site-to-site secure connection, he is
> > probably not willing to choose a more costly PKI based solution.
> >
> > 3) Scalability
> > Although PKI does provide a much better scalability in key delivery,
> > for a managed VPN where each device has a secure channel to the
> > managing server, this advantage is less important. PSK can be generated
> > and provisioned to each box via the management channel to the device
> > easily for a managed VPN, along with other IPsec tunnel parameter
> > settings. Under such a centralized managed VPN, PSK based solution has
> > a good scalability.
> >
> > We have implementations and operational experience that show that an
> > automated VPN management tool has no scalability difficulties managing
> > PSK for each tunnel.  Therefore we believe that PSK is a viable choice
> > for VPN implementations and that PSK mode should be saved.
>
> --
>
> Alex Alten
> Alten@Home.Com
>
>


References: