[radext] Re: Selfie Attack on TLS-PSK
Q Misell <q@as207960.net> Wed, 31 July 2024 07:54 UTC
Return-Path: <q@as207960.net>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CD2FC14F707 for <radext@ietfa.amsl.com>; Wed, 31 Jul 2024 00:54:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=as207960.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JwW8PaZmtwBc for <radext@ietfa.amsl.com>; Wed, 31 Jul 2024 00:54:10 -0700 (PDT)
Received: from mail-ed1-x536.google.com (mail-ed1-x536.google.com [IPv6:2a00:1450:4864:20::536]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A26E0C14F6A0 for <radext@ietf.org>; Wed, 31 Jul 2024 00:54:09 -0700 (PDT)
Received: by mail-ed1-x536.google.com with SMTP id 4fb4d7f45d1cf-5a2ffc346ceso7622467a12.1 for <radext@ietf.org>; Wed, 31 Jul 2024 00:54:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=as207960.net; s=google; t=1722412448; x=1723017248; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=piXBMySA1+ckBFD4aco80sihNvOlYd508YcEZv65DQU=; b=ELfIof+o6gWY/KGRETmH4QKzVw96Gtj9sIUIxkwS1i2dxdcfo9FFARGgunjBqLPL4b x4+iuyqb47lk9GPOWVWx8OnCRDo9MbX+fIyX8J3wFSxI9CnIW1XNaVBDfPoyctLLWg1X byi15Rpmih2rrtBApXlU2wARwXf44OIxchFrseBUHOhlufGu8yx8MATM1FNoP4WFV31g dQqBxVXDNpjX9l6wz/H6TDuUZy4cmRmk0mJp4iYGkxj1ttdOs6tR5VDrRgNgT60MhvzP vKXJiITOwaV73gZ13XgBFyuSj6X5/5Nh6Bl1rQEZkDNbyBm6SL9QehjPElKLWeMLcXLb 7+wg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722412448; x=1723017248; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=piXBMySA1+ckBFD4aco80sihNvOlYd508YcEZv65DQU=; b=XIrQyUOg+86mkjtfzY7lIU6tFwVkpMHvf2E3n+DUHB4HZzXPYMHasFs/opKotR8/uw q81dkJoivfSIEI7VzBKHKXLlZ1EiN52//eXXAYQc7P2ofAwERZQTLFIxzhRU/H0JTsd1 wkjF3UAl6+B3Gib4BaXT6ApVP0uMGnvWc14ch6jEtMk/Lx5rTBJ8C6yrtCMkmAebdPAg Hrph3zvCV/+Xbi61Xmx9bK6RgcI990Yw4QBehZs/PPDcWv86rXbIueLPDi6N1vbjc22p nJXiG3v0DEnxBhZdVI3H4QQnqYpKepOXQVpZXTm0ysr74WOC75yaecGfGsMvcUdI5w9I IH3Q==
X-Forwarded-Encrypted: i=1; AJvYcCXRAoWR/Tf9VPsX9xQdmoIGyVS1Akf+ZHgbbtwW3izDITFm9wXHspLQ37dWJCT86aYn/LsifYyDYF2EwF8g+9A=
X-Gm-Message-State: AOJu0YzGcEJOwkPrul4TAr3MlOqMvvKreMgfuZv8IQ5+bjwEVQVSofUQ QcFmQbWqlRqwo9+Z9Wuod2TK8Jz98H31kjAJJ1GEGFTaUman80z6y3lGwVjjdDBIccm9oklVxZb /GOWhbWDE0t6FNxMPnPAEZKGtWiAAtX3PxRi29E9shwS0aJ2UTUukVLRPg0f3fg==
X-Google-Smtp-Source: AGHT+IEFYOGLKZwoarq1/1Xm7QulfmjuTOMf+ERNGtKIiHIo69UpQg6uZ+J0+VuQC+7wfTej1D7ui5LRiWAdf7nhbGw=
X-Received: by 2002:a05:6402:5249:b0:5a2:c1b1:4c3 with SMTP id 4fb4d7f45d1cf-5b0205d6cbbmr10029751a12.9.1722412447503; Wed, 31 Jul 2024 00:54:07 -0700 (PDT)
MIME-Version: 1.0
References: <032f01dade8b$1fc33c40$5f49b4c0$@gmail.com> <9BE709A1-470B-4F54-A050-9F30C7A6CBD7@gmail.com> <03ef01dadf44$85ce2220$916a6660$@gmail.com> <CAMEWqGvCS25-2+enWq_VBZhPssTssfjoQgYHZHMbhHRHoJ_bhg@mail.gmail.com> <f90ce022-945d-4f18-a58e-ff2fb774b86d@dfn.de> <E8562465-5D7E-432D-99D9-48BDCFF8C1DF@deployingradius.com>
In-Reply-To: <E8562465-5D7E-432D-99D9-48BDCFF8C1DF@deployingradius.com>
From: Q Misell <q@as207960.net>
Date: Wed, 31 Jul 2024 09:53:31 +0200
Message-ID: <CAMEWqGua56y+0sF-mMomFFVSbnKTNnwm4_HJzfJX7d6hc86mdg@mail.gmail.com>
To: Alan DeKok <aland@deployingradius.com>
Content-Type: multipart/alternative; boundary="000000000000173278061e866617"
Message-ID-Hash: RBOKKDH5WJCPK7NXJKO3YRPHXYFJP6RO
X-Message-ID-Hash: RBOKKDH5WJCPK7NXJKO3YRPHXYFJP6RO
X-MailFrom: q@as207960.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-radext.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Jan-Frederik Rieckers <rieckers@dfn.de>, radext@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [radext] Re: Selfie Attack on TLS-PSK
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/8i1GUw0DjiNpIuRjiCTxRgr3bKw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Owner: <mailto:radext-owner@ietf.org>
List-Post: <mailto:radext@ietf.org>
List-Subscribe: <mailto:radext-join@ietf.org>
List-Unsubscribe: <mailto:radext-leave@ietf.org>
> For the "connections in both directions" use-case, it may be possible to allow Access-Request packets to flow both ways. Personally I quite like this idea. It would also allow one of the RADIUS servers to function when it is behind a NAT/firewall. BGP has the concept of passive connections. Normally in a BGP session both ends try to open the TCP session, but it can be configured such that only one end will actively open and the other merely listens, the same could be done with RADIUS. ------------------------------ Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574 <https://find-and-update.company-information.service.gov.uk/company/12417574>, LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876 <https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a registered office at Lääne-Viru maakond, Tapa vald, Porkuni küla, Lossi tn 1, 46001, trading as Glauca Digital, is a company registered in Estonia under № 16755226. Estonian VAT №: EE102625532. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively. On Tue, 30 Jul 2024 at 13:26, Alan DeKok <aland@deployingradius.com> wrote: > On Jul 30, 2024, at 7:18 AM, Jan-Frederik Rieckers <rieckers@dfn.de> > wrote: > > unfortunately, usually we do have connections in both directions. > > I think that's a separate issue from which identity is used for a > connection. The protection from Selfie is just to use different identities. > > On a related note, Margaret and I had discussions in Vancouver about > two-way TLS connections. While we have a "reverse CoA" draft, there's also > nothing preventing other kinds of packets going down a TLS connection. For > the "connections in both directions" use-case, it may be possible to allow > Access-Request packets to flow both ways. > > > I never thought of it before reading about the selfie attack, but I > think most eduroam services would be susceptible for this kind of attack, > even on RADIUS/UDP, since people probably didn't use different shared > secrets in the different directions. > > The shared secret is also tied to an IP address. So a client which has > the shared secret can't pretend to be the server, because it doesn't have > the servers IP address. > > Alan DeKok. > > _______________________________________________ > radext mailing list -- radext@ietf.org > To unsubscribe send an email to radext-leave@ietf.org >
- [radext] Selfie Attack on TLS-PSK Margaret Cullen
- [radext] Re: Selfie Attack on TLS-PSK Alan DeKok
- [radext] Re: Selfie Attack on TLS-PSK Bernard Aboba
- [radext] Re: Selfie Attack on TLS-PSK Margaret Cullen
- [radext] Re: Selfie Attack on TLS-PSK Fabian Mauchle
- [radext] Re: Selfie Attack on TLS-PSK hannes.tschofenig
- [radext] Re: Selfie Attack on TLS-PSK Alan DeKok
- [radext] Re: Selfie Attack on TLS-PSK Margaret Cullen
- [radext] Re: Selfie Attack on TLS-PSK josh.howlett
- [radext] Re: Selfie Attack on TLS-PSK Alan DeKok
- [radext] Re: Selfie Attack on TLS-PSK Margaret Cullen
- [radext] Re: Selfie Attack on TLS-PSK Margaret Cullen
- [radext] Re: Selfie Attack on TLS-PSK Alan DeKok
- [radext] Re: Selfie Attack on TLS-PSK Alan DeKok
- [radext] Re: Selfie Attack on TLS-PSK josh.howlett
- [radext] Re: Selfie Attack on TLS-PSK Q Misell
- [radext] Re: Selfie Attack on TLS-PSK Jan-Frederik Rieckers
- [radext] Re: Selfie Attack on TLS-PSK Alan DeKok
- [radext] Re: Selfie Attack on TLS-PSK Fabian Mauchle
- [radext] Re: Selfie Attack on TLS-PSK Q Misell
- [radext] Re: Selfie Attack on TLS-PSK Margaret Cullen