
    RE: FCIP and iFCP Keying Problem



    David,
    
    Could you please give us a short tutorial or reference
    explaining this weakness for us beginners in security?
    
    Many thanks,
    
    Bob Snively
    
    > 
    > That's not acceptable because the result of combining
    > the two mandatory (MUST) mechanisms is vulnerable to a
    > man-in-the-middle attack.
    > 
    
    
    -----
    Message-ID: <277DD60FB639D511AC0400B0D068B71ECAD71A@CORPMX14>
    From: Black_David@emc.com
    To: ips@ece.cmu.edu
    Subject: FCIP and iFCP Keying Problem
    Date: Fri, 7 Sep 2001 13:33:58 -0700 
    Importance: high
    X-Priority: 1
    X-Mailer: Internet Mail Service (5.5.2653.19)
    
    Both FCIP and iFCP intend to require:
    
    	- IKE with pre-shared keys MUST implement
    	- IKE with public-key based keys MAY implement
    	- IKE Main Mode MUST implement
    	- IKE Aggressive Mode MAY implement
    
    That's not acceptable because the result of combining
    the two mandatory (MUST) mechanisms is vulnerable to a
    man-in-the-middle attack.
    
    If IKE with pre-shared keys is "MUST implement" (which
    makes sense, as it's the simplest IKE authentication
    mechanism), then:
    	- IKE Aggressive Mode needs to be "MUST implement"
    	- Use of IKE Main Mode with pre-shared keys needs
    		to be "SHOULD NOT use" or "MUST NOT use".
    Alternatively, if IKE Aggressive Mode remains "MAY implement",
    then:
    	- IKE with signature authentication based on public
    		keys needs to be "MUST implement" along with
    		some certificate usage guidelines.
    	- Pre-shared keys need to be "MAY implement" (can't
    		be any stronger than the requirement for
    		IKE Aggressive Mode).
    	- Use of IKE Main Mode with pre-shared keys needs
    		to be "SHOULD NOT use" or "MUST NOT use".
    
    Changing IKE to remove the Main Mode vulnerability
    with pre-shared keys is not a viable approach.
    
    Sorry,
    --David
    
    ---------------------------------------------------
    David L. Black, Senior Technologist
    EMC Corporation, 42 South St., Hopkinton, MA  01748
    +1 (508) 435-1000 x75140     FAX: +1 (508) 497-8500
    black_david@emc.com       Mobile: +1 (978) 394-7754
    ---------------------------------------------------
    
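As an added example that is not part of the thread, the following Python checker encodes the reasoning in David's message: two compliant implementations are guaranteed to share only the MUST-implement authentication methods and modes, so their cross product (minus anything the profile prohibits) is what every deployment can fall back to, and an authentication method cannot be required more strongly than any mode it is allowed to use. The profile dictionaries and requirement labels are constructed for illustration, not taken from any FCIP or iFCP draft.

```python
from itertools import product

# Constructed example: checks an IKE keying profile against the two
# points made in the message (not code from the list or any draft).
RANK = {"MUST": 2, "SHOULD": 1, "MAY": 0, "SHOULD NOT": -1, "MUST NOT": -2}
WEAK = ("pre-shared", "main")  # the combination the message calls out


def usable_modes(profile, auth):
    """Modes that are neither prohibited outright nor prohibited with `auth`."""
    combos = profile.get("combos", {})
    return {m: lvl for m, lvl in profile["mode"].items()
            if RANK[lvl] >= 0 and RANK[combos.get((auth, m), "MAY")] >= 0}


def guaranteed_combinations(profile):
    """(auth, mode) pairs any two compliant peers are certain to share:
    MUST-implement methods crossed with MUST-implement modes, minus
    anything the profile says SHOULD NOT / MUST NOT be used."""
    return {(a, m) for a, lvl in profile["auth"].items() if lvl == "MUST"
            for m, mlvl in usable_modes(profile, a).items() if mlvl == "MUST"}


def evaluate(profile):
    """Return a list of problems; an empty list means the profile is consistent."""
    problems = []
    combos = guaranteed_combinations(profile)
    if WEAK in combos:
        problems.append("weak: pre-shared key + Main Mode is a guaranteed combination")
    if not combos:
        problems.append("no combination is guaranteed to interoperate")
    for auth, lvl in profile["auth"].items():
        best = max((RANK[v] for v in usable_modes(profile, auth).values()), default=-2)
        if RANK[lvl] > best:
            problems.append(f"{auth} is {lvl} but no mode it may use is required that strongly")
    return problems


# The profile the message objects to, and its two proposed alternatives.
ORIGINAL = {"auth": {"pre-shared": "MUST", "public-key": "MAY"},
            "mode": {"main": "MUST", "aggressive": "MAY"}}
ALT_A = {"auth": {"pre-shared": "MUST", "public-key": "MAY"},
         "mode": {"main": "MUST", "aggressive": "MUST"},
         "combos": {("pre-shared", "main"): "MUST NOT"}}
ALT_B = {"auth": {"signature": "MUST", "pre-shared": "MAY"},
         "mode": {"main": "MUST", "aggressive": "MAY"},
         "combos": {("pre-shared", "main"): "SHOULD NOT"}}

if __name__ == "__main__":
    for name, p in (("original", ORIGINAL), ("alt A", ALT_A), ("alt B", ALT_B)):
        print(name, evaluate(p) or "ok")
```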