
Re: Secure legacy authentication for IKEv2




I suggested a long time ago that we could solve the problem by simply adding 
a private attribute that says "I am running EAP over an IPsec tunnel", but I 
was told that adding a new EAP attribute is so hard that it would be easier 
to design our own SLA protocol. I don't really know enough about EAP to 
confirm or deny this.

Andrew
--------------------------------------
The odd thing about fairness is when
we strive so hard to be equitable
that we forget to be correct.


I do not agree. The problem is really with legacy authentication *protocols*,
not with legacy *credentials*. If you let me re-design even the most basic
of pswd authentication protocols such as CHAP I will do it in a way that
will change the protocol very slightly (and will use passwds the same way
CHAP uses now) but will make the modified protocol resistant to the MitM
attacks we were discussing here.  How? Simply put under the response
computation the name of the server with which you are communicating and (if
possible) the name of the tunnel protocol under which the protocol is run
(with a special "protocol name" for "no tunneling"). Needless to say this
does not resolve dictionary attacks if the protocol is run unprotected but
that is something that NO solution can avoid (except of course for NOT
running the protocol unprotected or for switching to dictionary-attack
resistant methods (which exist of course but not as "legacy")).
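The binding idea in the message above, as an added illustration that is not part of the original thread or of any IETF draft: a toy CHAP-style exchange, first in its legacy form (response depends only on secret and challenge) and then with the server name and tunnel protocol name placed under the response computation. The password, the server name `vpn.example.net`, the tunnel label `ikev2` and the `no-tunnel` label are constructed for the demo, and SHA-256/HMAC stand in for CHAP's MD5 hash; the argument does not depend on the hash choice.

```python
import hashlib
import hmac
import os

# Constructed sample credential and names for the demo; none of these are real.
PASSWORD = b"correct horse battery staple"
SERVER_NAME = "vpn.example.net"   # hypothetical server name
NO_TUNNEL = "no-tunnel"           # the special "protocol name" for "no tunneling"


def chap_response(password: bytes, challenge: bytes) -> bytes:
    """Legacy CHAP-style response: depends only on the secret and the challenge.
    (Real CHAP hashes id||secret||challenge with MD5; SHA-256 is used here
    purely for illustration.)"""
    return hashlib.sha256(password + challenge).digest()


def bound_response(password: bytes, challenge: bytes, server: str, tunnel: str) -> bytes:
    """Modified response: server name and tunnel protocol name are placed under
    the MAC, so a response computed in one (server, tunnel) context does not
    verify in another. Fields are length-prefixed to avoid ambiguous joins."""
    fields = (server.encode(), tunnel.encode(), challenge)
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(password, msg, hashlib.sha256).digest()


class Server:
    """Verifier that knows the user's password and the context it is running in."""

    def __init__(self, name: str, password: bytes, tunnel: str):
        self.name, self.password, self.tunnel = name, password, tunnel

    def new_challenge(self) -> bytes:
        return os.urandom(16)

    def verify_plain(self, challenge: bytes, response: bytes) -> bool:
        expected = chap_response(self.password, challenge)
        return hmac.compare_digest(expected, response)

    def verify_bound(self, challenge: bytes, response: bytes) -> bool:
        expected = bound_response(self.password, challenge, self.name, self.tunnel)
        return hmac.compare_digest(expected, response)


def exchange(client_tunnel: str, server_tunnel: str, bound: bool,
             client_server: str = SERVER_NAME) -> bool:
    """Run one challenge/response. The client computes its answer believing it
    talks to `client_server` under `client_tunnel`; the server checks in its own
    context (`SERVER_NAME`, `server_tunnel`). Equal contexts model a direct
    login; differing contexts model the relay discussed in the thread, where the
    client is inside an IKEv2 tunnel to a middleman and the real server sees the
    same exchange untunneled. Returns the server's verdict."""
    server = Server(SERVER_NAME, PASSWORD, tunnel=server_tunnel)
    challenge = server.new_challenge()          # forwarded unchanged to the client
    if bound:
        response = bound_response(PASSWORD, challenge, client_server, client_tunnel)
        return server.verify_bound(challenge, response)
    response = chap_response(PASSWORD, challenge)
    return server.verify_plain(challenge, response)


if __name__ == "__main__":
    print("direct login, legacy CHAP :", exchange("ikev2", "ikev2", bound=False))    # True
    print("direct login, bound CHAP  :", exchange("ikev2", "ikev2", bound=True))     # True
    print("relayed, legacy CHAP      :", exchange("ikev2", NO_TUNNEL, bound=False))  # True
    print("relayed, bound CHAP       :", exchange("ikev2", NO_TUNNEL, bound=True))   # False
    print("wrong server name, bound  :", exchange("ikev2", "ikev2", bound=True,
                                                 client_server="other.example.net"))  # False
```

The relayed legacy exchange verifies because nothing in the response says where the client thought it was; the bound variant is rejected because the server recomputes the response under its own name and its own tunnel label (`no-tunnel`) and the values differ. As the message notes, this changes nothing for an offline dictionary attack on an exchange captured in the clear: the verifier still only has the password as key material.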


