IETF Logo Mail Archive

Re: [saag] RADIUS is deprecating MD5

Alan DeKok <aland@deployingradius.com> Mon, 01 April 2024 12:25 UTC

Return-Path: <aland@deployingradius.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B2B5C14F6BD for <saag@ietfa.amsl.com>; Mon, 1 Apr 2024 05:25:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BkEJ0ZWLHK3C for <saag@ietfa.amsl.com>; Mon, 1 Apr 2024 05:25:27 -0700 (PDT)
Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D00DC14F6BA for <saag@ietf.org>; Mon, 1 Apr 2024 05:25:27 -0700 (PDT)
Received: from smtpclient.apple (unknown [75.98.136.130]) by mail.networkradius.com (Postfix) with ESMTPSA id 42D441D5; Mon, 1 Apr 2024 12:25:24 +0000 (UTC)
Authentication-Results: NetworkRADIUS; dmarc=none (p=none dis=none) header.from=deployingradius.com
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <1f145577-1e15-492e-9805-e82de1565565@uni-bremen.de>
Date: Mon, 01 Apr 2024 08:25:23 -0400
Cc: saag@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <EA06898C-0C43-402C-99CE-B15D3A76EA98@deployingradius.com>
References: <755BC73B-B981-4986-B45A-E9796DCC66BC@deployingradius.com> <ME0P300MB0713122730DC9574730AC816EE382@ME0P300MB0713.AUSP300.PROD.OUTLOOK.COM> <Zgl6ejdpJNOyUja0@chardros.imrryr.org> <E1B4CCB5-202F-4087-8B56-9E7F3D73D1D0@deployingradius.com> <ZgmDLfNxV2RKSA5o@chardros.imrryr.org> <21309D5A-E824-42C7-8BAB-366AD568E9F4@deployingradius.com> <ZgmPg0qgA9stSeUo@chardros.imrryr.org> <ME0P300MB07133F7BB2C11FA027143127EE3F2@ME0P300MB0713.AUSP300.PROD.OUTLOOK.COM> <1f145577-1e15-492e-9805-e82de1565565@uni-bremen.de>
To: Jan-Frederik Rieckers <rieckers@uni-bremen.de>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/Xfyiu2v0UjnbnwRUqW3yHdblDW0>
Subject: Re: [saag] RADIUS is deprecating MD5
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Apr 2024 12:25:28 -0000

On Apr 1, 2024, at 8:14 AM, Jan-Frederik Rieckers <rieckers@uni-bremen.de> wrote:
> If you are paying by card at a store, then you have to enter your PIN to authenticate (unless you don't, but let's just ignore that here and assume you have to enter a PIN)
> 
> In the RADIUS equivalent, this PIN entry would be encrypted using EAP-TLS, so no one but you and your bank can see the PIN. But everything else, your card number, the amount you want to pay, the place where you are paying, and on the return path, the information whether or not the PIN entry was successful, if you have enough money in your account, etc. is sent in the clear and protected against tampering by a weak integrity check.
> 
> But you need the different layers of encryption.
> For the sake of this analogy, just assume that the PIN entry is done by a completely different part (some kind of secure enclave), that only deals with the PIN entry. So all this metadata (card number, amount, and on the return path the success information) needs to be in a different encryption layer than the PIN.
> 
> So we have two protocol layers that both need protection.
> And that's what the problem is.

  You have a credit card issued by the bank.  You wish to spend money at a store.

  The store owner doesn't know you, and doesn't trust you.  But they trust the bank.

  You present the credit card at the store for a purchase.

  The store owner asks the bank "Is this OK?"  The bank replies "yes, we will pay you that amount".  

  The store owner gets the money, gives you the merchandise, and you walk out of the store happy.

  There are three parties involved.  They each have a role.  RADIUS + EAP follows the same model.

  Alan DeKok.

v2.23.0 | Report a Bug | By Email