
    iSCSI: Security Comments



    Julian,
    
    The following are security comments to your new -03.txt version
    of iSCSI:
    
    1) There are several security sections (4.2, 4.3, and 7.) and
    they should be consolidated into one section.
    
    2) Did we come to a consensus that no encryption was to be
    included in iSCSI?  If yes, then section 7.2.2.4 needs to be
    deleted.  If no, then I now do suggest encryption be delegated 
    to IPSec or TLS.  Both of these mechanisms are handled at a
    lower layer and this allows leverage of existing h/w and s/w 
    implementations.
    
    3) I would suggest that iSCSI consider adding an optional
    authentication block in each iSCSI PDU.  If this is of interest
    I can work with you further on it.
    
    Specific comments to security section Appendix A:
    
    a)  pg 77, the following:
    
    "- Public key algorithm (InitPublicKey,TargetPublicKey)"
    
    needs to be replaced by:
    
    "- Public key algorithm (PublicKey)"
    
    If a per-iSCSI PDU authentication block is to be added, perhaps
    that can be added to this list with something like:
    
    "- PDU-Authentication (AuthAlgorithm:)"
    
    Where AuthAlgorithm is the signature algorithm used to sign the
    authentication block.
    
    We would also need a description of new text commands such as:
    
    InitDHValue: and TargetDHValue:, which would list parameters for the
    Diffie Hellman exchange to calculate a shared secret key used for
    AuthAlgorithm.
    
    b)  pg 83, see the following text and suggested modifications:
    
    "The next example is a public-key authentication. The initiator 
       authenticates itself to the target and no keys are exchanged: "
    
    - Need to delete the part "...and no keys are exchanged: ".
    
            "If the user was not confirmed, the target sends a login 
             response message with "login reject" to the initiator. Else, 
             it can send a login response with "login accept" and MAY 
             attach a secret: "
    
    - Need to delete the part "...and MAY attach a secret:".
    
    "The next example is another public-key authentication. The initiator 
       authenticates itself to the target. The target authenticates itself 
       to the initiator and key are exchanged: "
    
    - Delete the part "...and key are exchanged: ".
    
         " T->Text StartSecure:HERE secret: "
    
    - Delete the part "...secret: ".
    
    No secret keys should be exchanged in this phase since the login 
    is authenticated only, not encrypted.  If secret keys are needed for
    a PDU authentication block, then Diffie-Hellman should be used using
    the above text command.
    
    c)  pg 83,
    
    I suggest changing the following text:
    
             NB - where the blob stands for the digitally signed hash of 
             the packet header, the user (presumably some form of 
             machine+OS+session name or a certificate issued by a 
             certificate authority) the target salt and using the 
             appropriate digital signature algorithm (DSS). 
              
    to the following:
    
    "...where the blob stands for the digitally signed hash of
    the iSCSI PDU header, the WWUI of the iSCSI node being authenticated,
    and the salt provided by the authenticating node, using
    the appropriate digital signature method (DSS or DSA)."
    
    d)  pg 84, suggest modifying the following text:
    
          where the blob stands for the digitally signed hash of the 
          packet header, the user (presumably some form WWUID name or 
          certificate issued by a certificate authority) the initiator 
          salt and using the appropriate digital signature algorithm 
          (DSS). The target also send a suggested key encrypted with the 
          initiator public key. 
           
    to the following:
    
    "...where the blob stands for the digitally signed hash of the
    iSCSI PDU header, the WWUI of the iSCSI node being authenticated,
    and the salt provided by the authenticating node, using the 
    appropriate digital signature method (DSS or RSA)."
    
    - Delete "Secret:key" from the following:
    
         "T-> Text Authenticate:user,blob Secret:key"
    
    In the following:
    
          where the blob stands for the digitally signed hash of the 
          packet header, the user (presumably some form WWUID name or 
          certificate issued by a certificate authority) the initiator 
          salt and using the appropriate digital signature algorithm 
          (DSS). The target also send a suggested key encrypted with the 
          initiator public key. 
           
    - delete the last sentence "The target also send....".
    
    That's all for now.
    
    Josh Tseng
    
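The flow proposed in comments 3) and a) above (a Diffie-Hellman exchange via InitDHValue:/TargetDHValue:, then a per-PDU authentication block keyed by the resulting shared secret), as an added example that is not part of the original message or of any iSCSI draft. The toy group parameters, the choice of HMAC-SHA256 as AuthAlgorithm, the key-derivation label and the sample PDU are all constructed assumptions.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman parameters for the InitDHValue:/TargetDHValue: exchange.
# Constructed for illustration only; a real deployment would use a standard group.
DH_P = 2**127 - 1   # Mersenne prime, far too small for real use
DH_G = 3            # generator of a large subgroup (2 has tiny order mod 2^127-1)


def dh_keypair():
    """Return (private, public) with public = G^private mod P; public is what gets sent."""
    priv = secrets.randbelow(DH_P - 2) + 1
    return priv, pow(DH_G, priv, DH_P)


def dh_shared_secret(priv, peer_public):
    """Both sides compute the same value from their own private and the peer's public."""
    return pow(peer_public, priv, DH_P)


def derive_auth_key(shared_secret):
    """Hash the raw shared secret into a fixed-size key for AuthAlgorithm (assumed HMAC-SHA256)."""
    raw = shared_secret.to_bytes((DH_P.bit_length() + 7) // 8, "big")
    return hashlib.sha256(b"iSCSI-PDU-Auth" + raw).digest()   # label is an assumption


def pdu_auth_block(key, header, data):
    """The authentication block covers the PDU header and its data segment."""
    return hmac.new(key, header + data, hashlib.sha256).digest()


def verify_pdu(key, header, data, auth_block):
    """Constant-time comparison; a mismatch means the PDU was altered or keyed differently."""
    return hmac.compare_digest(pdu_auth_block(key, header, data), auth_block)


def demo():
    """Run the whole flow and report (keys agree, genuine PDU verifies, tampered PDU verifies)."""
    init_priv, init_pub = dh_keypair()   # init_pub is the InitDHValue: parameter
    tgt_priv, tgt_pub = dh_keypair()     # tgt_pub is the TargetDHValue: parameter
    k_init = derive_auth_key(dh_shared_secret(init_priv, tgt_pub))
    k_tgt = derive_auth_key(dh_shared_secret(tgt_priv, init_pub))
    header = bytes([0x01]) + bytes(47)   # constructed 48-byte header, first byte as opcode
    data = b"constructed sample data segment"
    block = pdu_auth_block(k_init, header, data)
    genuine = verify_pdu(k_tgt, header, data, block)
    tampered = verify_pdu(k_tgt, bytes([0x02]) + header[1:], data, block)  # opcode flipped
    return k_init == k_tgt, genuine, tampered
```

Note that the authentication block only proves integrity and origin under the negotiated key; as the message says, nothing here encrypts the PDU, so confidentiality would still have to come from IPSec or TLS.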
    

