Re: [IPsec] Password-Based Auth: Two criteria comments

Yaron Sheffer <> Mon, 22 March 2010 18:27 UTC


Hi David,

I think both of these are (correct) requirements, rather than criteria. 
None of the algorithms I've seen care whether it's a 6-char ASCII 
password, or 512 truly-random bits. None of them say anything about 
management (with the possible exception of the "augmented" algorithms 
where the "augmentation" has some bearing on management).

Regarding management, -01 says this, which I think is in line with what 
you're saying:

    It is noted that some features (such as support for password expiry)
    and some security criteria (such as resistance to server compromise)
    are very important for the "teleworker" use case.  This document is
    limited to the use of password-based authentication to achieve trust
    between gateways, and for this use case, these features and criteria
    are of questionable value.


On 22.3.2010 20:18, wrote:
> Summarizing what I said in the meeting:
> (1) The performance criteria should include performance with large complex secrets (e.g., pre-shared keys), not just the smaller passwords that people can reasonably be expected to remember.
> This is because a password-based authentication mechanism may be usefully applied to shared secret authentication implementations that derive a supposedly strong secret solely from a password (see the discussion of pre-shared key authentication in Section 2.15 of RFC 4306).  Password-based authentication would provide some defense against this and other key generation weaknesses.  The original password that was used to generate the shared secret may no longer be available, so good performance on large complex secrets would enable password based authentication to use the derived (supposedly strong) secret as the password.
> (2) Management (e.g., password change, password policy) is not mentioned in the criteria document.  This is good.
> Keeping management orthogonal (i.e., out of scope of this criteria discussion) is (IMHO) a good thing, as management techniques and requirements may vary widely across classes of implementations.
> Thanks,
> --David
> ----------------------------------------------------
> David L. Black, Distinguished Engineer
> EMC Corporation, 176 South St., Hopkinton, MA  01748
> +1 (508) 293-7953             FAX: +1 (508) 293-7786
>        Mobile: +1 (978) 394-7754
> ----------------------------------------------------