Re: [secdir] secdir review of draft-kuegler-ipsecme-pace-ikev2
"Dan Harkins" <dharkins@lounge.org> Thu, 14 April 2011 17:35 UTC
Date: Thu, 14 Apr 2011 10:35:50 -0700
From: Dan Harkins <dharkins@lounge.org>
To: Nico Williams <nico@cryptonector.com>
Cc: "draft-kuegler-ipsecme-pace-ikev2@tools.ietf.org" <draft-kuegler-ipsecme-pace-ikev2@tools.ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] secdir review of draft-kuegler-ipsecme-pace-ikev2
Hi Nico,

  One other thing...

On Thu, April 14, 2011 9:57 am, Nico Williams wrote:
> On Thu, Apr 14, 2011 at 11:51 AM, Yaron Sheffer <yaronf.ietf@gmail.com>
> wrote:
>> I agree that salting the stored password (SPwd) would have improved the
>> security of this protocol (unlike iteration counts). And it can be added
>> with no extra round trips, since it's not "negotiated", just sent by the
>> responder. My coauthor and I need to consider the benefits vs. costs,
>> since the major use case here is not open servers, more often it would
>> be VPN gateways.
>
> Salting with a username requires no negotiation, but then you can't
> rename users without also changing their passwords (a minor issue).

  I'm not sure that salting really buys anything. This is not a client-
server protocol; either side can initiate to each other. So both sides
need an _identical_ representation of the credential to authenticate
with. If there is some agreed-upon salt then the salted password becomes
the credential to use. This is no different than just using an unsalted
password. The nonces from the IKE exchange are used in PACE to provide
additional randomness to its particular use of the password.

  regards,

  Dan.
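The argument above, as an added illustration that is not part of the thread and is not the PACE or IKEv2 exchange from the draft: a toy symmetric password-authenticated exchange in which either peer may initiate, so both must store an identical credential. The function names, the fixed AGREED_SALT value and the HMAC-over-nonces proof are assumptions made for this example only. It shows that whether the stored value is derived with or without an agreed-upon salt, an attacker who reads one peer's store can authenticate as either side (the stored value is the credential), while the per-exchange nonces still prevent replay of a captured proof.

```python
"""Toy symmetric password-based mutual authentication (added example; NOT the
PACE/IKEv2 protocol of draft-kuegler-ipsecme-pace-ikev2).  Both peers must
hold the identical credential, so whatever is stored IS the credential,
salted or not."""
import hashlib
import hmac
import os

# Assumption for this example: a fixed salt both peers would have agreed on.
AGREED_SALT = b"example-salt-not-from-the-draft"


def derive_credential(password: bytes, salt: bytes = b"") -> bytes:
    """The value each peer stores.  salt=b"" is the unsalted case; with a
    shared salt both peers must store the identical salted value."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, 1000)


def make_proof(credential: bytes, nonce_i: bytes, nonce_r: bytes, role: bytes) -> bytes:
    """Proof of credential knowledge bound to both fresh nonces.  The nonces
    make every run's proof unique (as the IKE nonces do for PACE's use of the
    password); they do nothing to protect the stored credential itself."""
    return hmac.new(credential, nonce_i + nonce_r + role, "sha256").digest()


def run_exchange(cred_initiator: bytes, cred_responder: bytes) -> bool:
    """Mutual authentication: succeeds only if both sides hold the same credential."""
    nonce_i = os.urandom(16)  # initiator's fresh nonce (constructed per run)
    nonce_r = os.urandom(16)  # responder's fresh nonce (constructed per run)
    proof_i = make_proof(cred_initiator, nonce_i, nonce_r, b"I")
    proof_r = make_proof(cred_responder, nonce_i, nonce_r, b"R")
    # Each side verifies the peer's proof with its own stored credential.
    ok_r = hmac.compare_digest(proof_i, make_proof(cred_responder, nonce_i, nonce_r, b"I"))
    ok_i = hmac.compare_digest(proof_r, make_proof(cred_initiator, nonce_i, nonce_r, b"R"))
    return ok_r and ok_i


def stolen_store_is_enough(password: bytes, salt: bytes) -> bool:
    """An attacker who reads one peer's stored value (salted or unsalted) can
    authenticate as either peer without ever learning the password."""
    stored = derive_credential(password, salt)  # what a gateway keeps on disk
    attacker_cred = stored                      # no password recovery needed
    return run_exchange(attacker_cred, stored) and run_exchange(stored, attacker_cred)


def replay_fails(password: bytes) -> bool:
    """A proof captured from one run is rejected in a later run because the
    nonces differ: that freshness is what the per-exchange randomness buys."""
    cred = derive_credential(password)
    n_i1, n_r1 = os.urandom(16), os.urandom(16)
    captured = make_proof(cred, n_i1, n_r1, b"I")
    n_i2, n_r2 = os.urandom(16), os.urandom(16)  # fresh nonces on the next run
    return not hmac.compare_digest(captured, make_proof(cred, n_i2, n_r2, b"I"))


if __name__ == "__main__":
    pw = b"correct horse"  # constructed sample password
    print("salted store suffices:  ", stolen_store_is_enough(pw, AGREED_SALT))
    print("unsalted store suffices:", stolen_store_is_enough(pw, b""))
    print("replay rejected:        ", replay_fails(pw))
```

Both peers must agree on the salt before the exchange, so from the attacker's viewpoint the derived value is simply a different credential string; only a scheme in which one side stores something that does not by itself let it act as the other side would change that, and that is not the symmetric either-side-initiates model the message describes.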