[IPsec] Password-Based Auth: Two criteria comments

<Black_David@emc.com> Mon, 22 March 2010 18:18 UTC

Date: Mon, 22 Mar 2010 14:18:11 -0400
Message-ID: <C2D311A6F086424F99E385949ECFEBCB01FA68F8@CORPUSMX80B.corp.emc.com>
Thread-Topic: Password-Based Auth: Two criteria comments
From: Black_David@emc.com
To: ipsec@ietf.org
Cc: Black_David@emc.com
Subject: [IPsec] Password-Based Auth: Two criteria comments
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>

Summarizing what I said in the meeting:

(1) The performance criteria should include performance with large complex secrets (e.g., pre-shared keys), not just the smaller passwords that people can reasonably be expected to remember.

This is because a password-based authentication mechanism may be usefully applied to shared secret authentication implementations that derive a supposedly strong secret solely from a password (see the discussion of pre-shared key authentication in Section 2.15 of RFC 4306).  Password-based authentication would provide some defense against this and other key generation weaknesses.  The original password that was used to generate the shared secret may no longer be available, so good performance on large complex secrets would enable password-based authentication to use the derived (supposedly strong) secret as the password.

(2) Management (e.g., password change, password policy) is not mentioned in the criteria document.  This is good.

Keeping management orthogonal (i.e., out of scope of this criteria discussion) is (IMHO) a good thing, as management techniques and requirements may vary widely across classes of implementations.

Thanks,
--David
----------------------------------------------------
David L. Black, Distinguished Engineer
EMC Corporation, 176 South St., Hopkinton, MA  01748
+1 (508) 293-7953             FAX: +1 (508) 293-7786
black_david@emc.com        Mobile: +1 (978) 394-7754
----------------------------------------------------
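The two situations in point (1) of the message, as an added worked example that is not part of David Black's message and not code from any IPsec WG draft: a "supposedly strong" pre-shared key that is in fact derived solely from a password (modelled here with PBKDF2), and a password-based key exchange that is handed either a short memorable password or that derived 256-bit secret as its credential. The exchange is a SPEKE-style construction chosen for illustration (the credential is hashed and squared into the order-q subgroup of the 1024-bit MODP group from RFC 2409, Oakley Group 2, and both sides then run Diffie-Hellman on that generator); the IPsec WG criteria do not prescribe this method, and the salt, passwords and timing helper are constructed for the demo. Because the credential is reduced to a fixed-size hash before any group operation, the cost of the exchange does not grow with the size of the secret, which is the property the message asks the criteria to measure.

```python
import hashlib
import secrets
import time

# 1024-bit MODP prime from RFC 2409 (Oakley Group 2); p = 2q + 1 is a safe prime,
# so the quadratic residues form a subgroup of prime order q.
P_HEX = ("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
         "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
         "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
         "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
         "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
         "FFFFFFFFFFFFFFFF")
P = int(P_HEX, 16)
Q = (P - 1) // 2
P_LEN = (P.bit_length() + 7) // 8


def derive_psk(password: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """Model of the practice the message warns about: a 256-bit 'strong' PSK whose
    entire entropy comes from a human-chosen password (PBKDF2 is an assumption)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)


def password_generator(secret: bytes) -> int:
    """SPEKE-style map of the credential into the order-q subgroup: g = H(secret)^2 mod p.
    The hash fixes the input to 256 bits, so a 32-byte PSK costs the same as 'hunter2'."""
    h = int.from_bytes(hashlib.sha256(secret).digest(), "big")
    g = pow(h, 2, P)
    if g in (0, 1):  # vanishingly unlikely, but never use a degenerate generator
        raise ValueError("degenerate password generator")
    return g


class Party:
    """One side of the exchange; holds only its private exponent and the password generator."""

    def __init__(self, secret: bytes):
        self.g = password_generator(secret)
        self.x = 1 + secrets.randbelow(Q - 1)  # private exponent in [1, q-1]
        self.public = pow(self.g, self.x, P)   # value sent to the peer

    def shared_key(self, peer_public: int) -> bytes:
        # Reject values outside (1, p-1) or outside the order-q subgroup (small-subgroup defence).
        if not 1 < peer_public < P - 1 or pow(peer_public, Q, P) != 1:
            raise ValueError("invalid peer value")
        z = pow(peer_public, self.x, P)
        return hashlib.sha256(z.to_bytes(P_LEN, "big")).digest()


def run_exchange(secret_a: bytes, secret_b: bytes) -> tuple:
    """Run both sides with their own credential; keys agree only if the credentials match."""
    a, b = Party(secret_a), Party(secret_b)
    return a.shared_key(b.public), b.shared_key(a.public)


def exchange_seconds(secret: bytes) -> float:
    """Wall-clock cost of one full exchange for the given credential size."""
    start = time.perf_counter()
    run_exchange(secret, secret)
    return time.perf_counter() - start


if __name__ == "__main__":
    salt = b"constructed-salt-for-demo"          # constructed value
    psk = derive_psk("correct horse battery", salt)  # constructed password
    print("short password:", round(exchange_seconds(b"hunter2"), 4), "s")
    print("derived 256-bit PSK:", round(exchange_seconds(psk), 4), "s")
    print("same key with matching PSK:", run_exchange(psk, psk)[0] == run_exchange(psk, psk)[1])
```

The peer-value check in `shared_key` is the part a reviewer of any such method should look for: without it, an attacker-supplied value from the small subgroup would let the resulting key be guessed regardless of the credential's size.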