
    Re: iSCSI authentication requirements




    I don't know what "resistance to hijacking" means in this context.

    I would say that resistance to dictionary attack is important.
    I would also argue for:

    "resistance to impersonation" for the target (and initiator?)

    Julo


    "Bernard Aboba" <bernard_aboba@hotmail.com>
    Sent by: owner-ips@ece.cmu.edu

    26-03-02 23:03
    Please respond to "Bernard Aboba"

           
            To:        ips@ece.cmu.edu
            cc:        
            Subject:        iSCSI authentication requirements

           


    In order to move forward on selecting an alternative mandatory iSCSI login
    authentication method, it is important to understand what the requirements
    are. I would like to suggest that the following requirements are essential:

    a. Mutual authentication
    b. Pre-shared key support with sufficient key size (e.g. 128 bits)
    c. Resistance to man-in-the-middle attack

    On the other hand, I would argue that the following requirements are *not*
    important:

    d. Resistance to hijacking
    e. Dictionary attack resistance
    f. Support for certificate authentication

    Goals

    Mutual authentication is important so that not only can the iSCSI Target
    authenticate the Initiator, but also the Initiator can authenticate the
    Target. The ability to detect a rogue Target is important, especially since
    iSCSI can be used for booting and rogue Targets could fool Initiators into
    making use of bogus data. The ability of the Target to authenticate the
    Initiator is important so that the Target can control access.

    Pre-shared key support is important since this is likely to be the most
    common use of iSCSI login authentication. The pre-shared key should be
    unique to the two parties, and not susceptible to man-in-the-middle attack,
    as opposed to the Group Pre-Shared key that is so widely implemented within
    IPsec VPN clients, and that enables man-in-the-middle vulnerabilities.
    Sufficient entropy is required to avoid brute-force attacks.

    Non-goals

    iSCSI login authentication can be used with or without IPsec. When IPsec is
    not used, the iSCSI connection can be hijacked, but this is not something
    that login authentication can protect against.

    One of the reasons that SRP was chosen was its resistance to dictionary
    attack when weak secrets are used. However, it is not clear that this is
    useful functionality for iSCSI login authentication.

    Mounting iSCSI volumes is inherently a machine activity, since access to
    that volume, when mounted, is determined by the operating system and its
    access controls rather than security services within the wire protocol.

    As a result, the credentials used for iSCSI login may be machine
    credentials, which can be assumed to be pre-shared keys with significant
    entropy, rather than a user password.

    The one scenario in which a user password might be relevant is mounting an
    iSCSI volume via a storage service provider. However, this is exactly the
    scenario in which IPsec protection of iSCSI would be most likely. Therefore,
    I would claim that dictionary attack resistance is not important here
    either.

    If certificate authentication is possible and desired, this can be provided
    within IKE Main Mode. As a result, certificate-based authentication is not
    required within iSCSI login.




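Requirements (a) and (b) and the group-key remark in the quoted message can be illustrated with a small simulation. This is an added example, not part of the original thread and not the iSCSI login exchange or any method proposed on the list: it assumes a generic HMAC-SHA256 challenge-response, and the names `proof`, `mutual_login`, `demo`, `init-a` and `tgt-1` are hypothetical.

```python
import hashlib
import hmac
import secrets

MIN_KEY_BYTES = 16  # 128 bits, the example key size given in the message


def proof(psk, role, initiator, target, nonce_i, nonce_t):
    """MAC that binds the prover's role, both names and both nonces to the key."""
    if len(psk) < MIN_KEY_BYTES:
        raise ValueError("pre-shared key shorter than 128 bits")
    # Length-prefix every field so two different field tuples never serialize alike.
    fields = [role, initiator.encode(), target.encode(), nonce_i, nonce_t]
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(psk, msg, hashlib.sha256).digest()


def mutual_login(initiator, target, initiator_key, responder_key):
    """One simulated login. initiator_key is the key the Initiator holds for this
    Target; responder_key is the key held by whoever answers as the Target.
    Returns (target_accepts_initiator, initiator_accepts_target)."""
    nonce_i = secrets.token_bytes(16)  # Initiator's fresh challenge
    nonce_t = secrets.token_bytes(16)  # responder's fresh challenge
    ids = (initiator, target, nonce_i, nonce_t)
    # The responder proves itself first; the role tag stops a proof from being
    # reflected back as the other side's answer.
    sent = proof(responder_key, b"target", *ids)
    if not hmac.compare_digest(sent, proof(initiator_key, b"target", *ids)):
        return (False, False)  # Initiator aborts: the responder lacks its key
    sent = proof(initiator_key, b"initiator", *ids)
    ok = hmac.compare_digest(sent, proof(responder_key, b"initiator", *ids))
    return (ok, True)


def demo():
    """Constructed scenarios with hypothetical names init-a and tgt-1."""
    pair_key = secrets.token_bytes(16)    # unique to init-a and tgt-1
    other_key = secrets.token_bytes(16)   # a different host's own per-pair key
    group_key = secrets.token_bytes(16)   # one key handed to every host
    return {
        "genuine_target": mutual_login("init-a", "tgt-1", pair_key, pair_key),
        # Another host answering as tgt-1 holds only its own key and fails.
        "other_host_per_pair": mutual_login("init-a", "tgt-1", pair_key, other_key),
        # With a group key, any member answering as tgt-1 is indistinguishable.
        "other_host_group": mutual_login("init-a", "tgt-1", group_key, group_key),
    }


if __name__ == "__main__":
    print(demo())
```

With per-pair keys the Initiator rejects a responder that holds some other host's key, while under a group key the same check passes for every member, which is why the key has to be unique to the two parties.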






Last updated: Sat Mar 30 12:18:17 2002
9394 messages in chronological order