SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    Re: FCIP and iFCP Keying Problem




    Both FCIP and iFCP intend to require:

            - IKE with pre-shared keys MUST implement
            - IKE with public-key based keys MAY implement
            - IKE Main Mode MUST implement
            - IKE Aggressive Mode MAY implement

    That's not acceptable because the result of combining
    the two mandatory (MUST) mechanisms is vulnerable to a
    man-in-the-middle attack.

    Clarification:

    I realize that in the (main mode, pre-shared key) variant the endpoints' identities can only be IP addresses due to a chicken-and-egg problem (and rfc2409 confirms this). I also realize that this variant is useless in the presence of DHCP-assigned IP addresses (which is not our case, as we only work with static IP addresses). A DH is obviously vulnerable to a MIM attack, but a DH + pre-shared key intuitively shouldn't. And I don't think we worry about identities being revealed. What am I missing? (rfc2409 has single-handedly neutralized the few brain cells that I've left).

    -franco


    Franco Travostino, Director Content Internetworking Lab
    Advanced Technology Investments
    Nortel Networks, Inc.
    600 Technology Park
    Billerica, MA 01821 USA
    Tel: 978 288 7708 Fax: 978 288 4690
    email: travos@nortelnetworks.com



Home

Last updated: Fri Sep 07 19:17:10 2001
6452 messages in chronological order