[Emu] General EAP discussion of protected alternate indication of success, RFC 4137, and IEEE 802.1X

John Mattsson <john.mattsson@ericsson.com> Sat, 06 February 2021 09:43 UTC

From: John Mattsson <john.mattsson@ericsson.com>
To: EMU WG <emu@ietf.org>
Date: Sat, 06 Feb 2021 09:43:15 +0000
Message-ID: <1823CB2F-E930-4259-9D95-A73F8D322C45@ericsson.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/C_Clb8Bi31X1dhZzeh5ZrbXagzY>

Hi,

Bernard brought up compatibility with RFC 4137 and the need for protected alternate indication of success in the context of EAP-TLS 1.3

https://mailarchive.ietf.org/arch/msg/emu/F-LcEX3UbAEX20Amk0xBBqfPQNQ/

I think we need to discuss this in a general EAP setting as this is not EAP-TLS specific at all but also related to all other EAP methods including draft-ietf-emu-rfc5448bis, draft-ietf-emu-aka-pfs, draft-ietf-emu-eap-noob, and draft-ingles-eap-edhoc.

The need for a protected alternate indication of success in IEEE 802.1X is as described in [1]

  "lack of per-packet authenticity and integrity in IEEE 802.11 frames (data and management) has been a key contributor in many of the protocol's security problems."

  "due to a series of flaws in the composition of protocols that make up RSN".

Regarding solutions [1] states

  "there are currently no plans by the IEEE to add integrity protection to management frames"

  "Fortunately, however, our attacks can easily be prevented through the addition of message authenticity to EAP"

To summarize, IEEE 802.1X has some design flaws that will not be fixed. Any EAP method must have a protected alternate indication of success to be secure in IEEE 802.1X.

The attack seems pretty bad. Without a protected alternate indication of success an attacker can easily hijack the whole connection. I do not have a deep understanding of modern IEEE 802.1X, so I cannot say if anything has changed since 2002.

Looking at the other active documents in the EMU WG:

draft-ietf-emu-rfc5448bis
draft-ietf-emu-aka-pfs
draft-ietf-emu-eap-noob
and draft-ingles-eap-edhoc

None of them has a protected alternate indication of success and they would, to my understanding, be completely insecure to use in IEEE 802.1X as it looked like in 2002.

Not having a protected alternate indication of success and pushing out keys before success is secure in general, otherwise TLS 1.3 itself would be insecure. I think all of these protocols would be secure when used in 3GPP 5G, but I think basically all EAP protocols want to function with IEEE 802.1X.

I think EMU needs to verify that protected alternate indication of success is still needed in IEEE 802.1X. If it is, I think draft-ietf-emu-rfc5448bis, draft-ietf-emu-aka-pfs, draft-ietf-emu-eap-noob, and draft-ingles-eap-edhoc need to be updated, or state that they cannot be used in IEEE 802.1X.

draft-ingles-eap-edhoc would be very easy to fix by just adding EDHOC message_4 which is designed for use cases like this. EDHOC exported already derived keys from the client's second flight as recently discussed might be good to add to TLS 1.3.

[1] http://www.cs.cornell.edu/people/egs/615/mishra-arbaugh.pdf

Cheers,
John
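The point of the message above is that the RFC 4137 peer state machine only trusts a bare (unauthenticated) EAP-Success or EAP-Failure packet from the lower layer to the extent its `decision` variable allows, and that a method without a protected result indication can never raise that variable above COND_SUCC. The following Python model, added here as an illustration and not code from the post, the EMU drafts or any EAP implementation, follows the rxSuccess/rxFailure transitions of RFC 4137's RECEIVED state and contrasts a method without protected indication against one that carries a MAC'd result. The HMAC-based result key, the `ProtectedResult` message format, the "success"/"failure" strings and the method secret are all constructed assumptions for the example, not part of any specification.

```python
"""Model of how an EAP peer's RFC 4137 'decision' variable governs acceptance of
bare EAP-Success / EAP-Failure packets. Constructed example: the result-indication
format and its KDF are assumptions, not any EAP method's actual wire format."""
import hashlib
import hmac
from dataclasses import dataclass
from enum import Enum


class Decision(Enum):
    FAIL = "FAIL"                # method failed: a bare EAP-Success must not win
    COND_SUCC = "COND_SUCC"      # method done, but outcome hinges on bare EAP-Success
    UNCOND_SUCC = "UNCOND_SUCC"  # method proved success: a bare EAP-Failure is ignored


@dataclass(frozen=True)
class ProtectedResult:
    """Method-internal result indication with integrity protection (assumed format)."""
    outcome: str  # "success" or "failure"
    mac: bytes


def result_key(method_secret: bytes) -> bytes:
    # Assumed KDF: a key for the result indication, derived from the method's
    # shared secret and kept separate from the MSK exported to the lower layer.
    return hmac.new(method_secret, b"result-indication", hashlib.sha256).digest()


def make_protected_result(method_secret: bytes, outcome: str) -> ProtectedResult:
    """Server side: authenticate the outcome with the method-derived key."""
    mac = hmac.new(result_key(method_secret), outcome.encode(), hashlib.sha256).digest()
    return ProtectedResult(outcome, mac)


class Peer:
    """Peer-side bookkeeping after RFC 4137's RECEIVED-state transitions for
    rxSuccess / rxFailure (simplified to one method; identifier check kept)."""

    def __init__(self, method_secret: bytes, last_id: int):
        self.method_secret = method_secret
        self.last_id = last_id          # identifier of the last Request processed
        self.decision = Decision.FAIL
        self.method_done = False        # methodState != CONT
        self.state = "IDLE"

    def method_finished_without_indication(self) -> Decision:
        """Method lacking a protected result indication: keys may be derived,
        but RFC 4137 semantics only allow the peer to reach COND_SUCC."""
        self.method_done = True
        self.decision = Decision.COND_SUCC
        return self.decision

    def receive_protected_result(self, msg: ProtectedResult) -> Decision:
        """Method with a protected indication: verify the MAC, then decide
        unconditionally. A bad MAC is discarded and changes nothing."""
        expected = hmac.new(result_key(self.method_secret), msg.outcome.encode(),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, msg.mac):
            return self.decision
        self.method_done = True
        self.decision = Decision.UNCOND_SUCC if msg.outcome == "success" else Decision.FAIL
        return self.decision

    def receive_eap_success(self, pkt_id: int) -> str:
        # RFC 4137: rxSuccess && reqId == lastId && decision != FAIL        -> SUCCESS
        #           rxSuccess && methodState != CONT && decision == FAIL   -> FAILURE
        if pkt_id != self.last_id:
            return "DISCARD"
        if self.decision != Decision.FAIL:
            self.state = "SUCCESS"
        elif self.method_done:
            self.state = "FAILURE"
        else:
            return "DISCARD"
        return self.state

    def receive_eap_failure(self, pkt_id: int) -> str:
        # RFC 4137: rxFailure && methodState != CONT && decision != UNCOND_SUCC -> FAILURE
        if pkt_id != self.last_id or not self.method_done:
            return "DISCARD"
        if self.decision != Decision.UNCOND_SUCC:
            self.state = "FAILURE"
            return self.state
        return "DISCARD"  # a bare failure cannot override a protected success


def run_scenarios() -> dict:
    """Feed the same unauthenticated lower-layer packets (constructed inputs)
    to both method flavours and report what the peer concludes."""
    secret = b"constructed-method-secret"
    out = {}
    peer = Peer(secret, last_id=7)
    peer.method_finished_without_indication()
    out["no_indication_bare_failure"] = peer.receive_eap_failure(7)   # FAILURE
    peer = Peer(secret, last_id=7)
    peer.method_finished_without_indication()
    out["no_indication_bare_success"] = peer.receive_eap_success(7)   # SUCCESS
    peer = Peer(secret, last_id=7)
    peer.receive_protected_result(make_protected_result(secret, "success"))
    out["protected_success_bare_failure"] = peer.receive_eap_failure(7)  # DISCARD
    peer = Peer(secret, last_id=7)
    peer.receive_protected_result(make_protected_result(secret, "failure"))
    out["protected_failure_bare_success"] = peer.receive_eap_success(7)  # FAILURE
    peer = Peer(secret, last_id=7)
    peer.receive_protected_result(make_protected_result(b"wrong-secret", "success"))
    out["forged_indication_decision"] = peer.decision.value             # FAIL
    return out


if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(f"{name}: {result}")
```

The first two scenarios show why the post calls a method without protected indication unsafe over an unauthenticated lower layer: once the peer sits at COND_SUCC, whichever bare EAP-Success or EAP-Failure arrives first settles the outcome. The remaining scenarios show the mitigation the post asks for: with a MAC'd result the decision becomes UNCOND_SUCC or FAIL, so a bare packet contradicting it is discarded or treated as failure, and an indication under the wrong key never moves the decision at all.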