Re: Issue: draft-ietf-radext-digest-auth-06.txt Digest MD5-sess

Henrik Nordstrom <henrik@henriknordstrom.net> Thu, 29 December 2005 22:38 UTC

Envelope-to: radiusext-data@psg.com
Delivery-date: Thu, 29 Dec 2005 22:39:04 +0000
Date: Thu, 29 Dec 2005 23:38:48 +0100
From: Henrik Nordstrom <henrik@henriknordstrom.net>
To: radiusext@ops.ietf.org
Subject: Re: Issue: draft-ietf-radext-digest-auth-06.txt Digest MD5-sess
Message-ID: <Pine.LNX.4.61.0512292328370.13066@localhost.localdomain>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"

On Thu, 29 Dec 2005, Alan DeKok wrote:

>  That's what cookies are for.  See my "mod_auth_radius" for an
> implementation that authenticates the user once, and uses a cookie for
> the following HTTP sessions.  The module isn't perfect (by any means),
> but the general concept goes like this:
>
>  Session1 : get authentication data from the user
>             pass to radius server
> 	     if access-accept
> 		cookie = MD5(authentication data + secret + timestamp) + ...
>
>  SessionN : get authentication data from the user
> 	      validate cookie
> 	      if cookie has expired or is invalid, re-auth the user
> 	      else let them in.


I assume you are aware that Digest MD5-sess is running circles around the 
above scheme in terms of security, thanks to the replay protection provided 
by the nonce-count in the Digest protocol. The above proposed scheme can 
only be considered reasonably secure if combined with end-to-end transport 
security (i.e. https for encryption), even if using a more secure hash 
than MD5 in your cookie is taken into account.


>  I would very, very, much recommend against pushing authentication
> data to the client without a detailed security review of the
> implications.  Since there are pre-existing methods for implementing
> what you want without changing RADIUS, I would recommend against
> changing RADIUS.

I can do what I want with the proposed RADIUS digest draft already; I just 
have to bend the RADIUS exchanges slightly, as explained a few minutes ago. 
The proposed changes are only to allow this to be done without lying to the 
RADIUS server, and only as an optional feature.

Regards
Henrik
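The replay point made above, as an added illustration that is not part of either message, of mod_auth_radius or of the draft: an RFC 2617 Digest verifier (algorithm=MD5-sess, qop=auth) that tracks the highest nonce-count seen per nonce and rejects a replayed request, next to a cookie in the shape of the quoted sketch, MD5(authentication data + secret + timestamp), which accepts the same captured cookie again for as long as it has not expired. The cookie layout ("timestamp:mac", plain concatenation), the realm, the user, the cnonce and the timestamps are constructed for the example; MD5 is used only because the thread is about Digest MD5-sess.

```python
import hashlib
import hmac
import secrets

# Added example: RFC 2617 Digest (algorithm=MD5-sess, qop=auth) with a
# server-side nonce-count check, beside the cookie sketch quoted in the thread.
# MD5 appears only because the thread is about Digest MD5-sess.


def md5hex(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()


def digest_response(username, realm, password, method, uri, nonce, nc, cnonce, qop="auth"):
    """Client-side response value for algorithm=MD5-sess (RFC 2617, section 3.2.2)."""
    a1 = md5hex(f"{username}:{realm}:{password}")   # H(username:realm:password)
    h_a1 = md5hex(f"{a1}:{nonce}:{cnonce}")         # MD5-sess binds A1 to nonce and cnonce
    h_a2 = md5hex(f"{method}:{uri}")                # qop=auth: A2 = method:digest-uri
    return md5hex(f"{h_a1}:{nonce}:{nc:08x}:{cnonce}:{qop}:{h_a2}")


class DigestServer:
    """Verifier that records the highest nonce-count accepted per nonce."""

    def __init__(self, realm, users):
        self.realm = realm
        self.users = users      # username -> password; a real server would keep H(A1) instead
        self.nonces = {}        # nonce -> highest nc accepted so far

    def issue_nonce(self):
        nonce = secrets.token_hex(16)
        self.nonces[nonce] = 0
        return nonce

    def verify(self, username, method, uri, nonce, nc, cnonce, response):
        if nonce not in self.nonces:
            return False        # unknown or stale nonce
        if nc <= self.nonces[nonce]:
            return False        # nonce-count did not increase: replayed request
        password = self.users.get(username)
        if password is None:
            return False
        expected = digest_response(username, self.realm, password, method, uri, nonce, nc, cnonce)
        if not hmac.compare_digest(expected, response):
            return False
        self.nonces[nonce] = nc
        return True


# Cookie in the shape of the quoted sketch, MD5(authentication data + secret + timestamp).
# The "timestamp:mac" layout and plain concatenation are this example's assumptions.
def make_cookie(auth_data, secret, timestamp):
    return f"{timestamp}:{md5hex(auth_data + secret + str(timestamp))}"


def check_cookie(cookie, auth_data, secret, now, lifetime=3600):
    ts, mac = cookie.split(":", 1)
    if now - int(ts) > lifetime:
        return False            # expired; nothing else in the cookie changes per request
    return hmac.compare_digest(md5hex(auth_data + secret + ts), mac)


def demo():
    """Replay a captured Digest request and a captured cookie; return each verifier's verdict."""
    server = DigestServer("example.org", {"alice": "correct horse"})
    nonce = server.issue_nonce()
    cnonce = "0a4f113b"                                  # constructed client nonce
    uri = "/dir/index.html"
    resp = digest_response("alice", "example.org", "correct horse", "GET", uri, nonce, 1, cnonce)
    first = server.verify("alice", "GET", uri, nonce, 1, cnonce, resp)
    replay = server.verify("alice", "GET", uri, nonce, 1, cnonce, resp)      # same nc again
    resp2 = digest_response("alice", "example.org", "correct horse", "GET", uri, nonce, 2, cnonce)
    next_nc = server.verify("alice", "GET", uri, nonce, 2, cnonce, resp2)    # legitimate next request

    secret = "server-side-secret"
    cookie = make_cookie("alice", secret, 1135895928)   # constructed timestamp
    cookie_first = check_cookie(cookie, "alice", secret, now=1135895930)
    cookie_replay = check_cookie(cookie, "alice", secret, now=1135896000)    # replayed later, still valid

    return {"digest_first": first, "digest_replay": replay, "digest_next_nc": next_nc,
            "cookie_first": cookie_first, "cookie_replay": cookie_replay}


if __name__ == "__main__":
    print(demo())
```

The Digest server rejects the second presentation of the same request because the nonce-count did not advance, while the cookie verifier has no per-request freshness to check and accepts the captured value until it expires; on the wire without https, the cookie is therefore a bearer token for its whole lifetime.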

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>