
RE: replacing preshared keys

Hi,

I have been watching this discussion develop over the last few days. I don't
know if anybody has considered it, but it looks like what is needed is a way
to combine the best of PK technology (not necessarily PKI) and a shared
secret mechanism, and perhaps also a key management solution is needed to
help with secret key deployment? I may not have summarised it very well and
I apologise for this, but it looks like the answer may already exist - see
PKINIT (Internet Draft for PK authentication with Kerberos) and Kerberos
(RFC1510). I also suggest that the standards that CableLabs (www.cablelabs)
have agreed upon for the worldwide PacketCable and CableHome initiatives for
the cable network industry are already taking advantage of IKE, IPSEC,
Kerberos and PKINIT together - this is a real example of these technologies
being used together to achieve the desired results - perhaps these
discussions can learn something from this? Once again, sorry if I haven't
explained this well and for mentioning this so late in the discussions. I hope
it sparks off some new ideas.

Thanks, Tim.

-----Original Message-----
From: Bill Sommerfeld [mailto:sommerfeld@east.sun.com] 
Sent: 20 June 2002 20:14
To: Paul Koning
Cc: mcr@sandelman.ottawa.on.ca; ipsec@lists.tislabs.com
Subject: replacing preshared keys

> A LOT longer.  Long enough that -- unlike preshared keys -- you cannot
> enter them manually.

how about either hash-of-public-key (i.e., key fingerprint) or
hash-of-selfsigned-cert as the user-visible identification blob?

with truncated hashes, you can trade off security vs. ease-of-use.

> True.  But PK, even if all you ever use is selfsigned certs, still
> needs a lot more near-incomprehensible concepts than preshared keys
> do.

user runs a program to generate the node key and the self-signed cert
and it spits out the hash-of-key or hash-of-cert which is exchanged
out of band with peers.  i don't see particularly hard concepts there
in terms of explaining what you have to do.

						- Bill
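The procedure Bill sketches above (generate a node key and self-signed cert, publish a hash of the key or of the cert, compare a truncated fingerprint learned out of band), written out as an added Go example; this is not code from the thread or from any IKE implementation. The function names, the P-256 key type, the 8-byte truncation used by the caller and the constant-time comparison are my own choices.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"math/big"
	"time"
)

// newNodeCert generates the node key and a self-signed cert, returned as DER.
func newNodeCert(name string) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now(), NotAfter: time.Now().AddDate(1, 0, 0),
	}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
}

// fingerprints returns SHA-256 of the whole DER cert (hash-of-cert) and of its
// SubjectPublicKeyInfo (hash-of-key, which survives re-issuing the cert).
func fingerprints(der []byte) (certFP, keyFP []byte, err error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, nil, err
	}
	c, k := sha256.Sum256(der), sha256.Sum256(cert.RawSubjectPublicKeyInfo)
	return c[:], k[:], nil
}

// shortID keeps the first n bytes (n <= len(fp)) as hex: easier to read out
// over the phone, but a second-preimage search costs only about 2^(8n) hashes.
func shortID(fp []byte, n int) string { return hex.EncodeToString(fp[:n]) }

// peerMatches checks a presented cert against the short ID learned out of band.
func peerMatches(presentedDER []byte, expected string) bool {
	want, err := hex.DecodeString(expected)
	got, _, perr := fingerprints(presentedDER)
	if err != nil || perr != nil || len(want) == 0 || len(want) > len(got) {
		return false
	}
	return subtle.ConstantTimeCompare(got[:len(want)], want) == 1
}
```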