Re: iSCSI:SRP

[Andre Hedrick <andre@linux-ide.org>]

Sorry to be a lurker in the back ground, but we are talking about digital
security and access to what one would assume to be sensitive content.

The senerio of flashed based laptops with mobile radio IP transport, aka
cell-technology et al., and off site access to home office content is
highly desired.  However, laptops or pda's can be lost of borrowed without
permission, and a simple CHAP could be hacked by joe-six-pack.

Now who wants there secure content crackable?

SRP is a stronger lock, and locks only keep honest people honest.

Regardless, of what product I will ship, SRP will be in the matrix of
solutions.  Those who fail this point may be discounted as a risk, I would
question the product.

Cheers,

Andre Hedrick
LAD Storage Consulting Group

On Thu, 4 Apr 2002, John Hufferd wrote:

> 
> Bill,
> At the IETF Plenary meeting in Minneapolis, David, I and some others pushed
> the IPR issue.  They said that the Workgroup should define the correct
> technical solution, and not take the IPR stuff as a significant issue, (as
> long as the Reasonable and Non- discriminatory stuff is part of the
> considerations).  We are at that point now that we have Lucent's new
> Statements.   The IPR stuff should only be an overt issue when their are no
> responsible statements issued by the IPR holders.  Since we can not tell if
> the claims are valid, or even apply, or if there is some other IPR issue
> that will come out in the future, we should be picking the best technology,
> to which we can get consensus.
> 
> Now, I personally believe, as you mentioned in your note, that the right
> way to do this is to have the SRP as a SHOULD implement.  But at
> Minneapolis I brought that up and was shot down by the AD, and he told us
> that IPR could not be a valid reason for using the SHOULD word.  "SHOULD"
> we were told should be used for technical reasons.  That is, the following
> statement in RFC2119, is being interpreted as being focused on the
> technical:
> 
> "SHOULD   This word, or the adjective "RECOMMENDED", mean that there
>    may exist valid reasons in particular circumstances to ignore a
>    particular item, but the full implications must be understood and
>    carefully weighed before choosing a different course."
> 
>  Therefore, if it is possible that there is a technical reason that a
> vendor could not or does not implement a feature, which would otherwise be
> a MUST, then the use of SHOULD is acceptable.  If anyone has a technical
> reason that SRP may not, or should not be implemented on some vendors
> offerings, then SHOULD could be OK.
> 
> I could also accept a MUST for CHAP, because of its wide spread install
> base.  But I think we should probably have a MAY with DH+CHAP, even if it
> is political, in the MAY position I do not believe it can hurt us, and if
> it ends up well, it can be a good thing.
> 
> Again if we have a technical reason for SRP to be a SHOULD instead of a
> Must, we can factor that in.
> 
> Without that technical reason for SRP being a SHOULD, I believe, that
> because of its stronger security features we should make SRP a MUST.  And
> since I still think that CHAP is useful, my above arguments lead me to SRP
> MUST, CHAP MUST and DH-Chap as MAY.
> 
> It is possible, in the real world that if a vendor, has a problem with
> Licensing SRP, that  vendor's product will put an * in their ads and their
> product boxes, with marketing words, which state that their product is
> iSCSI is compatible with RFC # 123456*, and then they will put in a few
> words at the bottom of the package that read as "* except for SRP".   In
> that case we still need to interoperate and that will mean that Chap is
> required  -- Hence my position on Must implement for Chap.
> 
> There is one other worry I have about Chap and DH-Chap.  Though we were
> only asked to "consider" DH-Chap, I think the implication was to consider
> it to solve the MUST problem.  Now that David thinks he has a working
> DH-Chap proposal, I am afraid that the ADs will see the proposal as a valid
> way to get a stronger Chap, and not let plain Chap be the only MUST.  If
> that happens we will be stuck with an unproven DH-CHAP as the only MUST.
> And that worries me a lot.
> 
> OK, this was a round about way of saying, SRP as MUST implement since we
> know that is Strong, therefore we can not be compelled to take DH-CHAP as a
> MUST.  Then CHAP as a MUST or SHOULD ensures interoperability with all the
> systems that currently exploit CHAP and want to require it also for iSCSI
> (and with the "*" implementations).  And DH-Chap as MAY, to give us ongoing
> additional protection for CHAP implementations that exploit it.
> 
> I used SHOULD as an option for CHAP (above), since if there is another
> technical superior technique (SRP), a vendor may feel that his products
> only sells into the more secure environments, and that CHAP would lower the
> products total security, and therefore, have a valid technical reason to
> not implement CHAP.  (Unfortunately, I can not make exactly the same case
> for SRP, since it is technically superior to CHAP).
> 
> Marjorie objects to having CHAP as a (second) MUST, and you, Bill, object
> to SRP as a MUST.  We really need to come to closure, so let me offer some
> options:
> 
> 1. SRP MUST, CHAP MUST, DH-CHAP MAY
> 2. SRP SHOULD, CHAP MUST, DH-CHAP MAY (need technical reason for the SRP
> not being MUST)
> 3. SRP MUST, CHAP SHOULD, DH-CHAP MAY (for those folks that do not want two
> MUSTs)
> 4. SRP MUST, CHAP MAY, DH-CHAP MAY
> 5. SRP MAY, CHAP MUST, DH-CHAP MAY (we must feel comfortable that it will
> not morph into option 5)
> 6. SRP MAY, CHAP MAY, DH-CHAP MUST  (this one worries me the most)
> 
> I can support 1, 2, 3, or 4.  and favor 4 since that is close to were we
> were before, the Lucent issue bit us, and now that it is settled, we can go
> back to the previous agreement (plus DH-CHAP). My second choice would be 1,
> and my third choice is 3.  However, if we have a technical reason for SRP
> being SHOULD, number 2 would jump to the top of my favorite list.
> 
> Perhaps some of you folks could vote on your top 3.  (I say top 3 since we
> may be able to find a choice that is acceptable by most folks even if not
> on the top of most folks' list.)
> 
> 
> 
> .
> .
> .
> John L. Hufferd
> Senior Technical Staff Member (STSM)
> IBM/SSG San Jose Ca
> Main Office (408) 256-0403, Tie: 276-0403,  eFax: (408) 904-4688
> Home Office (408) 997-6136, Cell: (408) 499-9702
> Internet address: hufferd@us.ibm.com
> 
> 
> Bill Strahm <bill@strahm.net> on 04/03/2002 11:10:29 AM
> 
> To:    John Hufferd/San Jose/IBM@IBMUS
> cc:    Black_David@emc.com, marjorie_krueger@hp.com, ips@ece.cmu.edu
> Subject:    Re: iSCSI:SRP
> 
> 
> 
> I am confused John,
> 
> The reason we are looking at things beyond SRP is that there MAY be IPR
> issues
> with SRP.  Because of that the WG will consider algorithms that MAY NOT
> have
> IPR issues such as CHAP.
> 
> I am not a fan of SRP from many reasons, but I will say that it is
> considerably
> stronger than CHAP.  For that reason, if I MUST implement it, why should I
> also
> include a weaker algorithm, I all ready have to play the price to licence
> SRP.
> 
> I would argue that CHAP should me the sole MUST implement, because it is
> open
> and free, from there we can have SRP as a SHOULD and don't mention CHAP+DH
> at
> all because it will have all of the problems that SRP has, until it is
> vetted.
> 
> Bill
> On Wed, Apr 03, 2002 at 09:37:53AM -0800, John Hufferd wrote:
> >
> > David,
> > I think we need to lower our exposure here.  I suggest SRP as Must
> > Implement, Chap (as it is today) as Must implement, and a pointer to the
> > new draft your are making for DH+Chap, as a MAY implement.
> >
> > They asked us to "consider" DH+Chap but it was not a hard requirement,
> you
> > told us that they would accept Chap, but wanted us to consider a way to
> > make it more secure.  I think the work that has been done, is clearly
> > considering it, and with the combination of SRP and current Chap clearly
> > meets requirements.  If DH+Chap end up with some problems we will not be
> > impacted.  And if DH+Chap works, I think it will attract a lot of
> > attention, and many folks will use it.  I can even accept DH+Chap as a
> > SHOULD implement, as long as it does not hold us up and it looks
> > reasonable.  That would at least give us an out if we find an important
> > technical hold, etc.
> >
> > So, SRP MUST, Chap today as MUST, and DH+CHAP as MAY or if necessary,
> > SHOULD --   But we need to put this to bed, right away.
> >
> > .
> > .
> > .
> > John L. Hufferd
> > Senior Technical Staff Member (STSM)
> > IBM/SSG San Jose Ca
> > Main Office (408) 256-0403, Tie: 276-0403,  eFax: (408) 904-4688
> > Home Office (408) 997-6136, Cell: (408) 499-9702
> > Internet address: hufferd@us.ibm.com
> >
> >
> > Black_David@emc.com@ece.cmu.edu on 04/03/2002 07:45:12 AM
> >
> > Sent by:    owner-ips@ece.cmu.edu
> >
> >
> > To:    marjorie_krueger@hp.com
> > cc:    ips@ece.cmu.edu
> > Subject:    RE: iSCSI:SRP
> >
> >
> >
> > Marjorie,
> >
> > > I don't see your reasoning here David, please explain.  As Mallikarjun
> > says,
> > > it's up to this WG to decide what the authentication reqmts are for
> iSCSI
> > > and choose a protocol.  Why would the IESG second guess that?
> >
> > See Section 6.1.2 of RFC 2026 where the IESG is responsible for
> "technical
> > quality" of RFCs, and the discussion of this in my response to
> Mallikarjun.
> > If I replace the word "authentication" with "confidentiality", in the
> > above text, I observe that we've been through a worked example of the
> IESG
> > exerting its authority to set security requirements.
> >
> > > If that's the case, perhaps there's an unknown, unbounded list of
> > > authentication protocols that we haven't considered that the IESG will
> > > make us go back and consider?
> >
> > I don't believe so - my understanding is that consideration of
> > DH-strengthened CHAP will be sufficient.  For example, I see little need
> > to investigate the notion of a signed CHAP challenge that was lurking
> > in one of Ted Ts'o's posts - if the signing keys are available, one of
> > the SPKM methods should be used instead.
> >
> > > It's my understanding that DH-strenghthened CHAP is only "proposed",
> not
> > > currently standard (not even a draft)?  So I can't believe the IESG
> will
> > > make us go consider requiring a draft in our proposed standard, that's
> > > against their own stated rules?
> >
> > Internet-Draft coming soon, I hope, after expert review of the proposal's
> > cryptographic soundness.  FWIW, I agree with Paul Koning's concerns:
> >
> > > I'm definitely not the world's greatest fan of SRP, but I much prefer
> > > a requirement for an existing RFC (even if not yet widely implemented)
> > > over a diversion towards a not yet defined, not yet analyzed, new
> > > protocol with unknown security properties.
> >
> > IMHO, DH-strengthened CHAP will fly only if it is a sufficiently
> > straightforward combination of DH and CHAP that reasonable confidence
> > can be obtained in it without the need for the years of public scrutiny
> > that are required for major new security mechanisms/protocols.  From
> > a procedural standpoint, that has to be the case in order to advance
> > the definition through this WG as opposed to one in the Security Area.
> >
> > At the moment, I'm taking much of the responsibility for writing up
> > DH-CHAP because somebody has to do it.  Please keep in mind that the
> > last time I wrote this class of thing up (SRP key generation for ESP,
> > last summer), the WG decided not to pursue it.  So don't assume that the
> > "fix is in" because I'm one of the WG chairs, but please take seriously
> > the responsibility to give the proposal a fair hearing when it appears.
> >
> > I'd really like to get the DH-CHAP Internet-Draft out this week, but
> > that's starting to look dicey; it will appear by the end of next week,
> > come h*** or high water.  I'm not 100% thrilled about this situation,
> > but I am certain that a procedural battle with the IESG is not the
> > best way out of it.
> >
> > Thanks,
> > --David
> > ---------------------------------------------------
> > David L. Black, Senior Technologist
> > EMC Corporation, 42 South St., Hopkinton, MA  01748
> > +1 (508) 249-6449 *NEW*      FAX: +1 (508) 497-8500
> > black_david@emc.com         Cell: +1 (978) 394-7754
> > ---------------------------------------------------
> >
> >
> >
> 
> 
>