Re: [IPsec] Proposed work item: IKEv2 password authentication (SPSK) - NO

Yaron Sheffer <yaronf@checkpoint.com> Tue, 01 December 2009 06:47 UTC

From: Yaron Sheffer <yaronf@checkpoint.com>
To: Dan Harkins <dharkins@lounge.org>
Date: Tue, 01 Dec 2009 08:46:59 +0200
Message-ID: <7F9A6D26EB51614FBF9F81C0DA4CFEC801BDF88E06DD@il-ex01.ad.checkpoint.com>
References: <7F9A6D26EB51614FBF9F81C0DA4CFEC801BDF88E04F2@il-ex01.ad.checkpoint.com> <a70eac2cf1d8cc1b743fb05aadf791b9.squirrel@www.trepanning.net>
In-Reply-To: <a70eac2cf1d8cc1b743fb05aadf791b9.squirrel@www.trepanning.net>
Cc: "ipsec@ietf.org" <ipsec@ietf.org>
Subject: Re: [IPsec] Proposed work item: IKEv2 password authentication (SPSK) - NO

Hi everyone,

[WG co-chair hat off]

I believe this effort is misguided, and would be a waste of the WG's time.

EAP was added to IKEv2 to provide "legacy" (a.k.a. password) authentication. In the past it did not do it very well, but this is changing. We should improve the use of EAP in IKEv2, rather than replacing it with a homebrew solution.

Specifically, the following EAP methods can be used today (or in the near future) for mutual password-based auth:

- Dan's own EAP-PWD, http://tools.ietf.org/html/draft-harkins-emu-eap-pwd-12
- My EAP-EKE, http://tools.ietf.org/html/draft-sheffer-emu-eap-eke-03
- The long expired EAP-SRP, http://tools.ietf.org/html/draft-ietf-pppext-eap-srp-03
- A rumored EAP method based on the PAK protocol (http://tools.ietf.org/html/draft-brusilovsky-pak-10)

Embedding one of these methods as the single way to do mutual auth in IKE simply doesn't make sense.

In addition, SPSK (which is equivalent to EAP-PWD) is a novel crypto protocol. It has had by far less crypto review than the other three protocols. IMHO, this working group should NOT be developing new cryptographic protocols. This is not where our expertise lies.

Lastly, one of the major criticisms with IKEv1 was the number of protocol modes. And here we are, with a proposal to add another mode to IKEv2. Doesn't seem like a good idea to me.

Thanks,
	Yaron


> -----Original Message-----
> From: Dan Harkins [mailto:dharkins@lounge.org]
> Sent: Tuesday, December 01, 2009 1:35
> To: Yaron Sheffer
> Cc: ipsec@ietf.org
> Subject: Re: [IPsec] Proposed work item: IKEv2 password authentication
> (SPSK)
> 
> 
>   Hello,
> 
>   As can be inferred by my previous posting on EAP-only authentication,
> I favor this particular method for mutual authentication.
> 
>   I believe this is a general purpose exchange, useful for more than the
> narrow focus of EAP-only, does not require extraneous encapsulations or
> unnecessary code (a la EAP-only), and is secure regardless of its use
> (unlike EAP-only).
> 
>   I am committed to working on this as a WG work item. I agree to continue
> contributing to the text and (co-)authoring the text. I solicit help, and
> support, from those who are interested in this task.
> 
>   regards,
> 
>   Dan.
> 
> On Sun, November 29, 2009 9:20 am, Yaron Sheffer wrote:
> > This draft proposes a particular method for mutual authentication of
> > IKEv2 peers using a short, low quality shared secret (a.k.a. "password").
> > The proposal is to embed this method in the IKE exchange, rather than
> > use EAP.
> >
> > Proposed starting point:
> > http://tools.ietf.org/id/draft-harkins-ipsecme-spsk-auth-00.txt.
> >
> > Please reply to the list:
> >
> > - If this proposal is accepted as a WG work item, are you committing to
> > review multiple versions of the draft?
> > - Are you willing to contribute text to the draft?
> > - Would you like to co-author it?
> >
> > Please also reply to the list if:
> >
> > - You believe this is NOT a reasonable activity for the WG to spend time
> > on.
> >
> > If this is the case, please explain your position. Do not explore the
> > fine technical details (which will change anyway, once the WG gets hold
> > of the draft); instead explain why this is uninteresting for the WG or
> > for the industry at large. Also, please mark the title clearly (e.g.
> > "DES40-export in IPsec - NO!").