[IPsec] Additional charter items 4/4: Mitigating privacy concerns
Tero Kivinen <kivinen@iki.fi> Fri, 16 February 2018 18:13 UTC
Return-Path: <kivinen@iki.fi>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FE97129C6B for <ipsec@ietfa.amsl.com>; Fri, 16 Feb 2018 10:13:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.121
X-Spam-Level:
X-Spam-Status: No, score=-1.121 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_NEUTRAL=0.779] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LqU3E8suwbJJ for <ipsec@ietfa.amsl.com>; Fri, 16 Feb 2018 10:13:22 -0800 (PST)
Received: from mail.kivinen.iki.fi (fireball.acr.fi [212.16.101.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1889F1200C1 for <ipsec@ietf.org>; Fri, 16 Feb 2018 10:13:21 -0800 (PST)
Received: from fireball.acr.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.15.2/8.15.2) with ESMTPS id w1GIDKae024242 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for <ipsec@ietf.org>; Fri, 16 Feb 2018 20:13:20 +0200 (EET)
Received: (from kivinen@localhost) by fireball.acr.fi (8.15.2/8.14.8/Submit) id w1GIDKTx022954; Fri, 16 Feb 2018 20:13:20 +0200 (EET)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <23175.8000.242283.548415@fireball.acr.fi>
Date: Fri, 16 Feb 2018 20:13:20 +0200
From: Tero Kivinen <kivinen@iki.fi>
To: ipsec@ietf.org
X-Mailer: VM 8.2.0b under 25.1.1 (x86_64--netbsd)
X-Edit-Time: 6 min
X-Total-Time: 6 min
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/MLvdDJD6o6yXSjOtF5QF9vY57Fs>
Subject: [IPsec] Additional charter items 4/4: Mitigating privacy concerns
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Feb 2018 18:13:23 -0000
This item does not have charter text yet, we do have text which
explains what the problem is, but I think it requires some
reformatting to fit as charter text.
The problem description is:
----------------------------------------------------------------------
IKEv2 is currently vulnerable to the two following privacy concerns:
1) It's not possible to run a server that obfuscates IKEv2/IPsec using
TLS.
Today thanks to RFC 8229 it is possible to run an IKEv2/IPsec
server on TCP port 443 with TLS. However if a government agent
tries to send an SA_INIT over that it will discover that this
server runs IKEv2/IPsec, and may blacklist it. We should add a
mechanism to IKEv2 that allows the server to only respond to
SA_INIT from known entities (e.g. that possess a shared secret).
2) The privacy of the initiator's identity in the presence of a man in
the middle attacker is not protected.
Today an attacker with full control of the network can receive the
IDi/IDr sent by the initiator in the first AUTH packet. We should
add a mechanism to IKEv2 that allows the initiator to only send
IDi/IDr to known entities (e.g. that possess a shared secret).
----------------------------------------------------------------------
Is this something that we should add to charter? Do people understand
the issue?
Note, that there are multiple ways of solving these issues, for
example the 2nd problem can also be solved by using pseudonyms, i.e.,
sending random one use ID payloads during the IKE_AUTH, and after the
peers have authenticated each other, they can do new exchange which
will change the pseudonyms for next use. I think the 2nd option should
be rewritten in bit more generic ways to allow that kind of option
too.
Send your comments and whether you support adding this to the charter
to the ipsec list in next two weeks.
--
kivinen@iki.fi
- Re: [IPsec] Additional charter items 4/4: Mitigat… Yoav Nir
- [IPsec] Additional charter items 4/4: Mitigating … Tero Kivinen
- Re: [IPsec] Additional charter items 4/4: Mitigat… Tero Kivinen
- Re: [IPsec] Additional charter items 4/4: Mitigat… Yoav Nir
- Re: [IPsec] Additional charter items 4/4: Mitigat… David Schinazi
- Re: [IPsec] Additional charter items 4/4: Mitigat… Paul Wouters
- Re: [IPsec] Additional charter items 4/4: Mitigat… Tero Kivinen
- Re: [IPsec] Additional charter items 4/4: Mitigat… Tommy Pauly