
Re: RESEND: Thoughts on identity attacks



Dan,

I couldn't help but notice some odd comments on keys and passwords
in your response:

At 04:09 PM 2/12/02 -0800, Dan Harkins wrote:
>... The mandatory-to-implement 
>authentication method for IKE does not distinguish between a "shared 
>[secret] password" and a "shared [secret] key". ...

IKE defines it as "authentication via pre-shared keys", with "key" 
very clearly present, and "password" nowhere to be found.
The distinction seems clear to me.

> As long as it's shared
>and symmetric the "entropy" doesn't matter. ...

Of course entropy (as a measure of randomness) matters, just like size.
A sufficiently low-entropy pre-shared key makes IKE completely broken.
A sufficiently high-entropy pre-shared key, if managed properly,
works just fine, even though such systems may encounter scalability
problems in certain environments.

>... But given how broken the 
>mandatory-to-implement authentication method is I'm surprised that this
>is what is being used in the large deployments he was talking about. ...

It seems that you're using the word "broken" in a very specialized sense,
highlighting advantages of the "non-mandatory" public-key-based
authentication methods.

The trouble is, the world has enough trouble coming to grips with the basic
distinction of passwords vs. keys.  No one benefits from blurring this distinction.

Perhaps the confusion reflects your focus on certain issues to the exclusion
of others, which, I'll admit, is also a problem not unfamiliar to me. :-)

-- David
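The point about entropy above (a low-entropy pre-shared key versus a high-entropy one) can be made concrete with a small policy check. The following is an added example, not part of David's message, of Dan's, or of any IKE implementation: it estimates an upper bound on the entropy of a candidate pre-shared key from the character classes it uses, compares it against a minimum-bits policy, and generates a key that actually has the entropy a "key" is supposed to have. The 128-bit threshold and the character-class model are assumptions chosen for illustration; the per-character model deliberately overestimates human-chosen passwords (it knows nothing about dictionary words), so a value that fails it is certainly too weak, while a value that passes it is not thereby proven strong.

```python
import math
import secrets
import string

# Character classes used to estimate the alphabet a human-chosen secret
# was drawn from. (Assumption: uniform choice over the classes present,
# which is an upper bound on the real entropy of a memorable password.)
CLASSES = [
    string.ascii_lowercase,   # 26
    string.ascii_uppercase,   # 26
    string.digits,            # 10
    string.punctuation,       # 32
]
KNOWN = "".join(CLASSES)


def alphabet_size(secret: str) -> int:
    """Size of the alphabet the secret appears to be drawn from."""
    if secret and all(c in string.hexdigits for c in secret):
        # A hex string encodes 4 bits per character, not 36 symbols' worth.
        return 16
    size = sum(len(cls) for cls in CLASSES if any(c in cls for c in secret))
    # Anything outside the known classes (space, non-ASCII) counts as one
    # extra symbol per distinct character seen.
    size += len({c for c in secret if c not in KNOWN})
    return size


def estimated_entropy_bits(secret: str) -> float:
    """Upper-bound entropy in bits: length * log2(alphabet size)."""
    if not secret:
        return 0.0
    return len(secret) * math.log2(alphabet_size(secret))


def expected_guesses(secret: str) -> float:
    """Expected number of guesses for an exhaustive search under the model."""
    bits = estimated_entropy_bits(secret)
    return 2.0 ** (bits - 1) if bits > 0 else 0.0


def meets_psk_policy(secret: str, min_bits: float = 128.0) -> bool:
    """Policy gate (assumed threshold): reject anything that cannot even
    reach min_bits under the generous upper-bound model."""
    return estimated_entropy_bits(secret) >= min_bits


def generate_psk(nbytes: int = 32) -> str:
    """A real pre-shared *key*: nbytes of CSPRNG output (8 bits of entropy
    per byte), hex-encoded so it can be pasted into a configuration file."""
    return secrets.token_hex(nbytes)


if __name__ == "__main__":
    # Constructed sample values: a password-like PSK and a key-like PSK.
    for candidate in ["password", "Tr0ub4dor&3", generate_psk()]:
        bits = estimated_entropy_bits(candidate)
        verdict = "OK" if meets_psk_policy(candidate) else "REJECT"
        print(f"{verdict:6} {bits:6.1f} bits  ~2^{bits - 1:.0f} guesses  {candidate}")
```

Running the block prints one line per candidate; "password" comes out at roughly 38 bits even under the generous model and is rejected, while a 32-byte generated key scores 256 bits. A deployment that wants to keep using pre-shared keys can apply `meets_psk_policy` at provisioning time, so that what is configured on the peers is a key in David's sense rather than a password.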