Re: [IPsec] Password-Based Auth: Two criteria comments

Yoav Nir <> Mon, 22 March 2010 19:35 UTC


On Mar 22, 2010, at 11:18 AM, <> <> wrote:

> Summarizing what I said in the meeting:
> (1) The performance criteria should include performance with large complex secrets (e.g., pre-shared keys), not just the smaller passwords that people can reasonably be expected to remember.
> This is because a password-based authentication mechanism may be usefully applied to shared secret authentication implementations that derive a supposedly strong secret solely from a password (see the discussion of pre-shared key authentication in Section 2.15 of RFC 4306).  Password-based authentication would provide some defense against this and other key generation weaknesses.  The original password that was used to generate the shared secret may no longer be available, so good performance on large complex secrets would enable password-based authentication to use the derived (supposedly strong) secret as the password.

IKE already has PSK-based authentication. If my "password" is 9975612f178b31164bef5bb672cbeb1db6437d6459ff1d8a17f12ec73fcd5c92, then I don't need any new-fangled mode, because the authentication described in section 2.15 of RFC 4306 is good enough.

The new mode we're looking for is for giving a little security for people who use the password "yoav71", thinking that nobody would ever guess it.
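
An added example, not part of the original message: the pre-shared key AUTH computation from RFC 4306 section 2.15, showing that the shared secret is the only secret input, next to an upper bound on the guessing work for the two secrets quoted above. The function names are hypothetical, HMAC-SHA1 as the negotiated prf is an assumption, and the signed octets are a constructed stand-in.

```python
import hashlib
import hmac
import math
import string

KEY_PAD = b"Key Pad for IKEv2"  # constant string from RFC 4306, section 2.15


def prf(key: bytes, data: bytes) -> bytes:
    # Assumption: the negotiated prf is HMAC-SHA1.
    return hmac.new(key, data, hashlib.sha1).digest()


def psk_auth(shared_secret: bytes, signed_octets: bytes) -> bytes:
    # AUTH = prf(prf(Shared Secret, "Key Pad for IKEv2"), <msg octets>)
    return prf(prf(shared_secret, KEY_PAD), signed_octets)


def verify_auth(shared_secret: bytes, signed_octets: bytes, received: bytes) -> bool:
    # Peer-side check, compared in constant time.
    return hmac.compare_digest(psk_auth(shared_secret, signed_octets), received)


def max_entropy_bits(secret: str) -> float:
    # Upper bound on guessing work: length * log2(alphabet size), where the
    # alphabet is inferred from the character classes that appear.
    if secret and all(c in "0123456789abcdef" for c in secret):
        alphabet = 16
    else:
        classes = (string.ascii_lowercase, string.ascii_uppercase,
                   string.digits, string.punctuation)
        alphabet = sum(len(cls) for cls in classes if any(c in cls for c in secret))
    return len(secret) * math.log2(alphabet) if alphabet else 0.0


# Constructed stand-in for the signed octets (real ones are the sender's first
# message, the peer's nonce and prf(SK_p, ID payload)).
SIGNED_OCTETS = b"constructed-signed-octets"
STRONG = "9975612f178b31164bef5bb672cbeb1db6437d6459ff1d8a17f12ec73fcd5c92"
WEAK = "yoav71"

if __name__ == "__main__":
    for secret in (STRONG, WEAK):
        auth = psk_auth(secret.encode(), SIGNED_OCTETS)
        print(f"{max_entropy_bits(secret):6.1f} bits  AUTH={auth.hex()}")
```

Both secrets pass through the same computation; the bound is what differs, 256 bits for the hex string and about 31 bits for the six-character password.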