Re: RESEND: Thoughts on identity attacks

[Dan Harkins <dharkins@tibernian.com>]

  Well not entirely rhetorical. What I was asking for was his opinion of
what these people want and are using. The mandatory-to-implement 
authentication method for IKE does not distinguish between a "shared 
[secret] password" and a "shared [secret] key". As long as it's shared
and symmetric the "entropy" doesn't matter. But given how broken the 
mandatory-to-implement authentication method is I'm surprised that this
is what is being used in the large deployments he was talking about.
Or maybe he's talking about legacy authentication using RADIUS or the
like. I don't know. I'd like to know though.

  Dan.

On Tue, 12 Feb 2002 22:27:00 EST you wrote
> At 01:41 PM 2/12/02 -0800, Dan Harkins wrote:
> >On Tue, 12 Feb 2002 12:34:17 PST Khaja wrote
> >> I meant shared secrets not shared password.
> >
> >  If that's what you meant then you shouldn't have written "shared password"
>.
> >But please explain the difference anyway. [...]
> 
> I'm pretty sure that Dan was asking a rhetorical question here.
> But it is a point of common confusion.
> 
> To help, I propose the following definitions, based on observed common usage:
> 
>         shared [secret] password:
>                 a low-entropy secret authenticator.
> 
>         shared [secret] key:
>                 a high-entropy cryptographic secret.
> 
>         shared secret:
>                 a key that was probably derived from a password, but used in
>                 a cryptographic system in which there is misplaced hope that
>                 the secret truly does have high entropy.
> 
> I think this, plus the ambiguity argument, makes a good case for
> "shared secret" to be deprecated.
> 
> -- David
> 
>