
Re: How important is identity protection?



-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Radia" == Radia Perlman - Boston Center for Networking <Radia.Perlman@sun.com> writes:
    Radia> the two styles, seemed to have consensus around avoiding the
    Radia> polling attack. The reasoning was
    Radia> that IKE is a peer-to-peer protocol where either
    Radia> side can initiate, and the polling attack is way easier (just
    Radia> initiate a connection to an IP address) than impersonating the
    Radia> responder's IP address and seeing who connects.
    Radia> Based on these arguments and the perceived consensus of the
    Radia> WG, JFK and SIGMA added handshakes to avoid the polling attack.

    Radia> So at any rate, this issue has been considered.

    Radia> I think it's far-fetched to come up with a scenario where
    Radia> it would be horrible if
    Radia> you could be tricked into revealing that you are attempting to
    Radia> connect to someone. In a case like two freedom-fighters trying to

  One of the things that I'd like to be able to do is either change
identities, or create sub-negotiations with an IKEv2 phase 1.

  Either lets people conceal their real identities behind fake identities.
Specifically, IPv4 identities which don't really tell anyone anything. 
  
  Changing identities could just be a matter of doing a rekey of phase 1
within the old phase 1. This might be easy to do by literally just embedding
an IKE payload inside of IKE.  We will be writing text on this.

  A sub-negotiation would permit multi-user systems to negotiate with
specific users' identities for per-port connections.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBPeeOcIqHRg3pndX9AQHPnwP6AqJzo2eOWLUAFgB5G9QbMnPjEBmQZdry
7QSAqlYcWDosRc5HaVOdMgvzW6v07vJXkNdA9HP7WeUnl+Ln5TFwMJV03hrIh5Eo
Q9kROOFhllo6dlkQ0kEqa0MnZwopKlzXXo8Vf4CfW15TQATNey3+989I17Go1qI7
ETA9OQ4sfww=
=VFPX
-----END PGP SIGNATURE-----
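The two handshake orderings Radia contrasts above (responder reveals its identity first, which exposes it to the cheap "polling" attack; initiator reveals first, which exposes it only to someone who can answer at the responder's address), run side by side as an added example. This is not code from the thread or from any IKE, JFK or SIGMA implementation. It assumes a toy DH group (2^127-1, generator 2), an XOR keystream as a stand-in for the encryption, and an HMAC under a per-identity long-term secret looked up in a trust store as a stand-in for the signature; the identities alice@example.net, gw.example.net and mallory are made up.

```python
# Toy model of the IKE identity-protection trade-off discussed above. Added
# example; not code from the thread or from any IKE/JFK/SIGMA implementation.
# DH group, "encryption" and "signature" are readable stand-ins, not secure ones.
import hashlib
import hmac
import secrets

P, G, NBYTES = 2**127 - 1, 2, 16                 # toy Mersenne-prime group, not an IKE group
INITIATOR_FIRST = "initiator reveals ID first"   # SIGMA-I style ordering
RESPONDER_FIRST = "responder reveals ID first"   # SIGMA-R style ordering

# Signature stand-in: HMAC under a per-identity long-term secret. Verifiers look
# the claimed peer up here; Mallory's secret is hers alone (all names made up).
TRUST_STORE = {"alice@example.net": b"alice-secret", "gw.example.net": b"gw-secret"}
MALLORY_SECRET = b"mallory-secret"


def dh_pair():
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def kdf(shared):
    return hashlib.sha256(shared.to_bytes(NBYTES, "big")).digest()

def transcript(gx, gy):
    return gx.to_bytes(NBYTES, "big") + gy.to_bytes(NBYTES, "big")

def seal(key, data):
    """XOR with a SHA-256 counter keystream (confidentiality only); self-inverse."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def id_payload(key, ident, secret, t):
    """{ID, proof over the DH transcript} encrypted under the DH key."""
    return seal(key, ident.encode() + b"|" + hmac.new(secret, t, hashlib.sha256).digest())

def claimed_id(key, blob):
    """What anyone holding the DH key reads out of an ID payload (no verification)."""
    return None if blob is None else seal(key, blob).partition(b"|")[0].decode()

def verified_id(key, blob, t):
    """Claimed ID if it is in the trust store and its proof checks out, else None."""
    if blob is None:
        return None
    ident_b, _, tag = seal(key, blob).partition(b"|")
    secret = TRUST_STORE.get(ident_b.decode(errors="replace"))
    if secret is None:
        return None
    good = hmac.new(secret, t, hashlib.sha256).digest()
    return ident_b.decode() if hmac.compare_digest(good, tag) else None


class Honest:
    """Endpoint that reveals its own ID only when the chosen ordering says so."""

    def __init__(self, ident):
        self.ident, self.secret = ident, TRUST_STORE[ident]

    def start(self):                                     # initiator, msg 1: g^x
        self.x, self.gx = dh_pair()
        return self.gx

    def receive(self, order, gy, payload):               # initiator, msg 3: {ID_I, proof}_k
        k, t = kdf(pow(gy, self.x, P)), transcript(self.gx, gy)
        if order == RESPONDER_FIRST and verified_id(k, payload, t) is None:
            return None                                  # responder unproven: stay silent
        return id_payload(k, self.ident, self.secret, t)

    def respond(self, order, gx):                        # responder, msg 2: g^y [+ {ID_R, proof}_k]
        y, gy = dh_pair()
        self.k, self.t = kdf(pow(gx, y, P)), transcript(gx, gy)
        return gy, (id_payload(self.k, self.ident, self.secret, self.t)
                    if order == RESPONDER_FIRST else None)

    def finish(self, order, payload):                    # responder, msg 4 (initiator-first only)
        ok = order == INITIATOR_FIRST and verified_id(self.k, payload, self.t) is not None
        return id_payload(self.k, self.ident, self.secret, self.t) if ok else None


def polling_attack(order):
    """Mallory just initiates to the gateway's address (the cheap attack).
    Returns the gateway's ID if the flow hands it over, else None."""
    gw = Honest("gw.example.net")
    x, gx = dh_pair()
    gy, first = gw.respond(order, gx)
    k, t = kdf(pow(gy, x, P)), transcript(gx, gy)
    if first is None:   # initiator-first: gateway wants a proof, and Mallory's key is untrusted
        first = gw.finish(order, id_payload(k, "mallory", MALLORY_SECRET, t))
    return claimed_id(k, first)

def impersonation_attack(order):
    """Mallory answers at the gateway's address when Alice connects (needs address
    impersonation). Returns Alice's ID if the flow hands it over, else None."""
    alice = Honest("alice@example.net")
    gx = alice.start()
    y, gy = dh_pair()
    k, t = kdf(pow(gx, y, P)), transcript(gx, gy)
    forged = None
    if order == RESPONDER_FIRST:   # must claim to be the gateway first, under the wrong key
        forged = id_payload(k, "gw.example.net", MALLORY_SECRET, t)
    return claimed_id(k, alice.receive(order, gy, forged))
```

Calling polling_attack and impersonation_attack with each ordering shows the trade-off in one table: under RESPONDER_FIRST the poller walks away with gw.example.net and the impersonator gets nothing; under INITIATOR_FIRST the poller gets nothing and the impersonator walks away with alice@example.net. Which side is worth protecting is then a question about who is more likely to be probed, which is the argument the quoted message makes for IKE.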