
    RE: DH-CHAP



    Thanks for all of your responses.
    1. First, a small clarification: this kind of attack is easier to mount
    than a man-in-the-middle attack and is not a man-in-the-middle attack.
    
    2. Secondly, this attack is not only easy to mount in a wireless
    environment, but also easy to mount in the Internet environment.
    Assume that the traffic from initiator to target passes through
    2 or 3 routers. Then the first router from initiator to target or
    any computer in the LAN of the initiator can easily mount this attack.
    
    3. Lastly, it is relatively easy to make some modifications
    of DH-CHAP (in the same line of DH-CHAP... and if someone does not like
    the patent issues of SPEKE, SRP or EKE, then we can make the enhanced
    DH-CHAP at least as similar to DH-CHAP... no one can guarantee that there are
    no patent issues here just as no one can guarantee that the patent holders
    of SPEKE, SRP, or EKE will not claim that DH-CHAP does not infringe their
    patent) to avoid this kind of attack, why do we still use
    DH-CHAP?
    
    Best regards,
    Yongge
    
    
    Bill Writes:
    > I think you are correct, and that in fact the draft mentions that it is
    > susceptible to this attack. I think this is described in section 6.3, and
    > is why that section mentions that _any_ disconnects after one side has
    > authenticated before the other has should be treated as potential security
    > issues (since we can't tell if it's a benign problem or a
    > man-in-the-middle problem).
    
    Black David wrote:
    >That is correct.  DH-CHAP is not secure against active attacks, and
    >is not intended to be secure against active attacks, just passive
    >ones.  Section 1 of the DH-CHAP draft says:
    >
    >    DH-CHAP strengthens CHAP in a fashion that
    >    requires an attacker to perform an online attack (which will
    >    generally lead to an authentication failure) in order to capture
    >    the information required to mount an off-line dictionary attack on
    >    each CHAP secret.
    
    Julian wrote:
    >I think that we will have to decide if MIM and any other active attacks
    >should be a major concern.
    >IMHO they are for (at least) the following reasons:
    


Last updated: Fri Apr 12 12:18:19 2002