[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Please kill preshared key.



The current PSK methods in IKEv1 lead to some horrible, insecure hacks
in real
  implementations/deployments.

I know of at least one VPN/Road-Warrior implementation where the server
uses
  PSK to authenticate itself to a client--but it uses the SAME PSK for
every
  member of a "group", where groups are very large.  This means that
anyone in
  the group can pretend to be a server to any other member of the group.
  This wouldn't happen in a self-signed PK-style pre-share.  The
  client adds the PK self-signed pre-share to their "trusted" list, and
  only the real server (possessor of the private key) can convince a
client
  of its authenticity.

If symmetric PSKs are kept, it had better be possible to do it right,
and
  rather hard to do it wrong.


Follow-Ups: References: