[Hipsec] Password authentication for HIP DEX
Robert Moskowitz <rgm@htt-consult.com> Thu, 10 June 2010 16:02 UTC
Return-Path: <rgm@htt-consult.com>
X-Original-To: hipsec@core3.amsl.com
Delivered-To: hipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B6C653A696E for <hipsec@core3.amsl.com>; Thu, 10 Jun 2010 09:02:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.716
X-Spam-Level:
X-Spam-Status: No, score=0.716 tagged_above=-999 required=5 tests=[AWL=0.115, BAYES_50=0.001, J_CHICKENPOX_31=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NFRTIfOaoSY9 for <hipsec@core3.amsl.com>; Thu, 10 Jun 2010 09:02:52 -0700 (PDT)
Received: from klovia.htt-consult.com (klovia.htt-consult.com [208.83.67.149]) by core3.amsl.com (Postfix) with ESMTP id A10003A68FC for <hipsec@ietf.org>; Thu, 10 Jun 2010 09:02:52 -0700 (PDT)
Received: from localhost (unknown [127.0.0.1]) by klovia.htt-consult.com (Postfix) with ESMTP id 361EB68A94 for <hipsec@ietf.org>; Thu, 10 Jun 2010 15:55:03 +0000 (UTC)
Received: from klovia.htt-consult.com ([127.0.0.1]) by localhost (klovia.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V33LwH8JwSj3 for <hipsec@ietf.org>; Thu, 10 Jun 2010 11:54:54 -0400 (EDT)
Received: from nc2400.htt-consult.com (h155.home.htt [208.83.67.155]) (Authenticated sender: rgm@htt-consult.com) by klovia.htt-consult.com (Postfix) with ESMTPSA id 4802A68B49 for <hipsec@ietf.org>; Thu, 10 Jun 2010 11:54:54 -0400 (EDT)
Message-ID: <4C110C8D.4000503@htt-consult.com>
Date: Thu, 10 Jun 2010 12:02:21 -0400
From: Robert Moskowitz <rgm@htt-consult.com>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.9) Gecko/20100430 Fedora/3.0.4-2.fc12 Thunderbird/3.0.4
MIME-Version: 1.0
To: HIP WG <hipsec@ietf.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: [Hipsec] Password authentication for HIP DEX
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Jun 2010 16:02:53 -0000
Password authentication for HIP DEX may be used for initial ACL bootstraping (how a new I introduces itself to R) of for emergency access (EMT needs access to a pacemaker or field tech needs access to a substation switch). Note that if I does not have PKr from a source other than R1, this process is open to rogue attack then offline dictionary attack against the secret. There is no way that R can protect its password from a misbehaving I. This is a simple password authentication. I am going to study 802.11s ECC zero-knowledge password authentication that Dan Harkins developed to see if I could use it instead... Anyway on to the process, it is very simple. P ::= password Pl ::=length of password If Pl != 128 then P = AES-CMAC(0^128, P, Pl) Add the following to I2: ECR(PKr, MAC(P, n)) This parameter is included in the MAC of I2. Only the owner of the R private key can look at the MAC result to see if it is correct. Thus the passsword is not exposed to over the air intercept and dictionary attack. It IS open to MR attack if I does not have PKr from a source other than R1. I don't see an EMT in a hurry entering a 128bit HIT or 160bit PKr to get access to a pacemaker...
- [Hipsec] Password authentication for HIP DEX Robert Moskowitz