Re: [IPsec] Garage door - let's pick a different example

Yoav Nir <ynir.ietf@gmail.com> Mon, 28 July 2014 10:46 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/ipsec/Qx0fQVr6gSZlBOPEokbXnEM-tgs

Hi Hannes

I tend to agree. The beauty of IP (with or without “sec”) is that I can open a connection in one place to a server that is located in another location half-way around the world. The garage door opener is used from a short distance, so you don’t really need routing. You still might want to use IP, if only because IP-supporting equipment is so ubiquitous. I would have liked it if we could use some zeroconf protocol for discovering the garage door, but just because the opener is physically close to the garage door does not mean that it is topologically close on the Internet. So the best IP-based way is to register the garage door in DNS (garagedoor.yaronshouse.org), and then HTTPS works at least as well as HTTP over IPsec.

All this underlines Yaron’s claim that we need a better example for a use case for NULL auth.

Yoav

BTW: my local police station has an electrically-operated gate to the parking lot where the patrol cars are parked. It’s opened remotely by calling a particular phone number. The gate answers, immediately hangs up, and opens. This is pretty bad, because a phone number is a terribly short shared secret.

On Jul 28, 2014, at 12:05 PM, Hannes Tschofenig <hannes.tschofenig@gmx.net> wrote:

> Hi Yaron,
> 
> if you further try to implement a prototype for a door opener then you
> might run into a number of issues, such as
> 
> * how does the garage opener discover the garage door?
> * what radio technology are you going to use?
> * how does the garage door authorize the garage opener?
> 
> When you then answer all these questions you might realize (as I did)
> that you neither want to use IPsec there nor even IP.
> 
> Ciao
> Hannes
> 
> PS: I agree with your statement about mutual authentication.
> 
> On 07/25/2014 06:37 PM, Yaron Sheffer wrote:
>> This might sound like a nit, but we have this text in the draft, as a
>> use case for null auth:
>> 
>> "User wants to get some simple action from the remote device. Consider
>> garage door opener: it must authenticate user to open the door, but it
>> is not necessary for the user to authenticate the door opener.  In this
>> case one-way authentication is sufficient."
>> 
>> The problem is, this is an incorrect protocol. Specifically, a MITM (who
>> might be physically located by the kitchen door), could redirect the
>> protocol exchange to a door different from the one I intended to open.
>> Seeing that nothing happens, I will simply press the remote again and
>> open the garage door, too.
>> 
>> This is of course a generic problem, where unauthenticated protocols
>> have unforeseen consequences.
>> 
>> Thanks,
>>    Yaron
>> 
>> 
>> _______________________________________________
>> IPsec mailing list
>> IPsec@ietf.org
>> https://www.ietf.org/mailman/listinfo/ipsec
>> 
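
Added example, not part of the original thread: a toy model of the redirection Yaron describes in the quoted message, with an HMAC challenge-response standing in for the IKE exchange. The key layout, the `Door` class and every name below are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed keys for the model (assumption: symmetric keys stand in for real credentials).
USER_KEY = secrets.token_bytes(32)                 # proves the user to every door
DOOR_KEYS = {"garage": secrets.token_bytes(32),    # proves each door to the user
             "kitchen": secrets.token_bytes(32)}


def mac(key: bytes, *parts: bytes) -> bytes:
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()


class Door:
    def __init__(self, name: str):
        self.name, self.is_open = name, False

    def hello(self, client_nonce: bytes):
        """Door's first message: its name, a fresh nonce, and proof of its identity."""
        self.nonce = secrets.token_bytes(16)
        proof = mac(DOOR_KEYS[self.name], client_nonce, self.nonce, self.name.encode())
        return self.name, self.nonce, proof

    def finish(self, user_proof: bytes) -> None:
        """Door authenticates the user; this half exists in both variants."""
        if hmac.compare_digest(user_proof, mac(USER_KEY, self.nonce)):
            self.is_open = True


def press_remote(intended: str, reached: Door, verify_door: bool) -> bool:
    """One button press. `reached` is whichever door the network delivered us to."""
    client_nonce = secrets.token_bytes(16)
    name, door_nonce, proof = reached.hello(client_nonce)
    if verify_door:  # mutual authentication: check the peer before answering it
        expected = mac(DOOR_KEYS[intended], client_nonce, door_nonce, intended.encode())
        if name != intended or not hmac.compare_digest(proof, expected):
            return False                           # wrong or unproven peer: send nothing
    reached.finish(mac(USER_KEY, door_nonce))      # one-way variant answers any peer
    return True


def redirected_press(verify_door: bool) -> dict:
    """User intends 'garage'; an on-path party delivers the exchange to 'kitchen'."""
    doors = {n: Door(n) for n in DOOR_KEYS}
    completed = press_remote("garage", doors["kitchen"], verify_door)
    return {"completed": completed, "garage": doors["garage"].is_open,
            "kitchen": doors["kitchen"].is_open}
```

With `verify_door=False` the exchange completes and the kitchen door opens while the garage stays shut; with `verify_door=True` the remote refuses to answer the wrong door.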