Re: [IPsec] [Cfrg] Beginning discussion on secure password-only authentication for IKEv2
Yaron Sheffer <yaronf@checkpoint.com> Thu, 04 March 2010 20:06 UTC
Return-Path: <yaronf@checkpoint.com>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C25A13A8E51; Thu, 4 Mar 2010 12:06:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.115
X-Spam-Level:
X-Spam-Status: No, score=-3.115 tagged_above=-999 required=5 tests=[AWL=-0.267, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, SARE_OBFU_ALL=0.751]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3rZZqZgZqXAV; Thu, 4 Mar 2010 12:06:04 -0800 (PST)
Received: from michael.checkpoint.com (michael.checkpoint.com [194.29.32.68]) by core3.amsl.com (Postfix) with ESMTP id 5323A3A8E4B; Thu, 4 Mar 2010 12:06:04 -0800 (PST)
Received: from il-ex01.ad.checkpoint.com (il-ex01.checkpoint.com [194.29.34.26]) by michael.checkpoint.com (8.12.10+Sun/8.12.10) with ESMTP id o24K5xsd005078; Thu, 4 Mar 2010 22:05:59 +0200 (IST)
X-CheckPoint: {4B901158-2-1B201DC2-2FFFF}
Received: from il-ex01.ad.checkpoint.com ([126.0.0.2]) by il-ex01.ad.checkpoint.com ([126.0.0.2]) with mapi; Thu, 4 Mar 2010 22:06:19 +0200
From: Yaron Sheffer <yaronf@checkpoint.com>
To: "Blumenthal, Uri - 0662 - MITLL" <uri@ll.mit.edu>, "'pgut001@cs.auckland.ac.nz'" <pgut001@cs.auckland.ac.nz>
Date: Thu, 04 Mar 2010 22:05:57 +0200
Thread-Topic: [IPsec] [Cfrg] Beginning discussion on secure password-only authentication for IKEv2
Thread-Index: Acq7KC8PKsqPZeyaS82L9IZwtcsVqQAlSlXsAAYACsA=
Message-ID: <7F9A6D26EB51614FBF9F81C0DA4CFEC801BE05CB5975@il-ex01.ad.checkpoint.com>
References: <20100304170852.F34FB3A8B85@core3.amsl.com>
In-Reply-To: <20100304170852.F34FB3A8B85@core3.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "'ipsec@ietf.org'" <ipsec@ietf.org>, "'cfrg@irtf.org'" <cfrg@irtf.org>
Subject: Re: [IPsec] [Cfrg] Beginning discussion on secure password-only authentication for IKEv2
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Mar 2010 20:06:05 -0000
Can someone please explain the joke to me? Nelson was asked about TLS-PSK (RFC 4279) and he replied that it can easily be abused. TLS-PSK (similarly to IKE-PSK) is vulnerable to dictionary attacks if used with a short secret (a.k.a. "password"), at least in the presence of an active attacker. So I think his response was entirely appropriate. What am I missing? Thanks, Yaron > -----Original Message----- > From: ipsec-bounces@ietf.org [mailto:ipsec-bounces@ietf.org] On Behalf > Of Blumenthal, Uri - 0662 - MITLL > Sent: Thursday, March 04, 2010 19:09 > To: 'pgut001@cs.auckland.ac.nz' > Cc: 'ipsec@ietf.org'; 'cfrg@irtf.org' > Subject: Re: [IPsec] [Cfrg] Beginning discussion on secure password- > only authentication for IKEv2 > > Well, during my long and fruitful career I've come across many asinine > statements - but this pearl from your collection outshines mine! Indeed > "straight from the horse's" (or in the context - "mule's"?) mouth (no > offense meant to those wonderful equestrians). > > I'm struck speechless (which is unusual, as anybody who knows me would > confirm :-). > > Regards, > Uri > > ----- Original Message ----- > From: pgut001 <pgut001@wintermute02.cs.auckland.ac.nz> > To: pgut001@cs.auckland.ac.nz <pgut001@cs.auckland.ac.nz>; Blumenthal, > Uri - 0662 - MITLL > Cc: cfrg@irtf.org <cfrg@irtf.org>; ipsec@ietf.org <ipsec@ietf.org> > Sent: Wed Mar 03 18:20:53 2010 > Subject: Re: [Cfrg] [IPsec] Beginning discussion on secure password- > only authentication for IKEv2 > > "Blumenthal, Uri - 0662 - MITLL" <uri@ll.mit.edu> writes: > > >On the vendor side - perhaps EKE patent concern was the cause (you > >implement/sell free SRP and get slapped with EKE licensing)? And the > users > >found alternative solutions in the meanwhile? > > Nope. It's been supported in OpenSSL since 0.9.9, but not in any > browser. > The reason for not supporting it in Firefox is so astonishingly > boneheaded > that I'll quote the original message to make sure that it's straight > from the > horse's mouth ("PSK cipher suites" = non-patent-encumbered EKE in TLS- > talk): > > -- Snip -- > > Subject: Re: NSS implementation of TLS-PSK/ RFC 4279 > Date: Tue, 14 Oct 2008 14:01:10 -0700 > From: Nelson B Bolyard <nelson@bolyard.me> > Reply-To: mozilla's crypto code discussion list > <dev-tech-crypto@lists.mozilla.org> > > jengler@berkeley.edu wrote, On 2008-10-14 13:52 PDT: > > I was wondering if implementation of TLS-PSK (RFC 4279) is currently > in > > development. I do not see it in the current NSS source or roadmap. > Thank > > you for any help. > > > > -John Engler > > No. There are no plans to include any PSK cipher suites in NSS. > Because of the enormous potential for PSK cipher suites to be > misused by application developers, there is strong resistance to > incorporating them into NSS. > > -- Snip -- > > As for Microsoft, Opera, etc who knows? (If you work on, or have > worked on, > any of these browsers, I'd like to hear more about why it hasn't been > considered). I think it'll be a combination of two factors: > > 1. Everyone knows that passwords are insecure so it's not worth trying > to do > anything with them. > > 2. If you add failsafe mutual authentication via EKE to browsers, CAs > become > entirely redundant. > > So the browser vendors' approach is to ignore EKE and keep on waiting > for PKI > to start working, forever if necessary. "PKI meurt, elle ne se rend > pas!" [0]. > > Peter. > > [0] Hat tip to Luther Martin for the quote :-). > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec > > Scanned by Check Point Total Security Gateway.
- [IPsec] Beginning discussion on secure password-o… Paul Hoffman
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Hannes Tschofenig
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Paul Hoffman
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Steven M. Bellovin
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Yaron Sheffer
- Re: [IPsec] Beginning discussion on secure passwo… Dan Harkins
- Re: [IPsec] Beginning discussion on secure passwo… Yaron Sheffer
- Re: [IPsec] Beginning discussion on secure passwo… Paul Hoffman
- Re: [IPsec] Beginning discussion on secure passwo… Dan Harkins
- Re: [IPsec] Beginning discussion on secure passwo… Dan Harkins
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Blumenthal, Uri - 0662 - MITLL
- Re: [IPsec] Beginning discussion on secure passwo… Black_David
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Steven M. Bellovin
- Re: [IPsec] Beginning discussion on secure passwo… Dan Harkins
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Steven M. Bellovin
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Black_David
- Re: [IPsec] Beginning discussion on secure passwo… Yaron Sheffer
- Re: [IPsec] Beginning discussion on secure passwo… Yoav Nir
- Re: [IPsec] Beginning discussion on secure passwo… Tero Kivinen
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Blumenthal, Uri - 0662 - MITLL
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Blumenthal, Uri - 0662 - MITLL
- Re: [IPsec] [Cfrg] Beginning discussion on secure… thomwu
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Steven M. Bellovin
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Blumenthal, Uri - 0662 - MITLL
- [IPsec] [Fwd: Re: Beginning discussion on secure … Dan Harkins
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Dan Harkins
- [IPsec] [Fwd: Re: Beginning discussion on secure … Dan Harkins
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Black_David
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Blumenthal, Uri - 0662 - MITLL
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Yaron Sheffer
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Yoav Nir
- Re: [IPsec] [Cfrg] Beginning discussion on secure… Yaron Sheffer