|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: iSCSI: possible DH-CHAP rationaleOfer, > The problem with Assumption 1 (as David Jablon hinted) is that > obtaining a password can cause much more damage then a single > connection hijack. > > And it might be more then just freely reusing it on that target. > I, for example, use the same password for all systems (shame > on me... but otherwise I'd be lost)- when the first system > complains on expiration I go into an overall renewal process. That's correct, but I worry that it misses the forest for the trees. The upshot of this rationale seems to be that it's a reasonable security policy to not be worried about an attacker having one-at-a-time access to iSCSI systems, even if the attack providing that access can be replicated at will but to be sufficiently concerned about password compromise that provides similar access to justify deploying a very strong algorithm to prevent it. I'm having trouble justifying that as a reasonable security policy in practice, although I'll spare everyone from yet another gratuitous home security analogy. I'll join you in trying to infer what David Jablon meant by his somewhat cryptic comments. I thought he was headed in the direction of classifying threats based on the attacker's abilities. I can see a valid distinction among: - (1) a passive eavesdropper (ability to monitor traffic), - (2) an active impersonator (ability to communicate with Initiator, probably coupled with ability to disable the Target or access to it), and - (3) an active man-in-the-middle attacker (ability to see and respond to Initiator-Target communications faster than at least one of the communicating entities, may also be able to insert him/herself as a communication intermediary). CHAP is vulnerable to a passive eavesdropper via an offline dictionary attack, DH-CHAP is vulnerable to an impersonator via an offline dictionary attack, but TCP hijack requires man-in-the-middle (have to see the TCP sequence numbers in real time for the hijack to work), and succeeds immediately without an offline dictionary attack. If David Jablon is correct in his assertion that "For many scenarios, ... there's no big extra barrier for an eavesdropper to also be able to send", one of the implications may be that the distinction between (2) and (3) [the impersonator does not need to eavesdrop, the hijacker does] may be rather slim [although in the quote I've lifted, David was suggesting that there was no significant difference between (1) and (2)]. > Another related point - from iSCSI Security Considerations section: > > "The CHAP authentication method (see Chapter 10) is vulnerable > to an off-line dictionary attack. In environments where this > attack is a concern, CHAP SHOULD NOT be used without additional > protection. Underlying IPsec encryption provides protection against > this attack." > > So for DH-CHAP it would be fair to put the warning: > > "The DH-CHAP authentication method (see Chapter 10) is vulnerable > to an impersonation combined with off-line dictionary attack. > In environments where this attack is a concern, DH-CHAP SHOULD NOT > be used without additional protection. Underlying IPsec > authentication provides protection against this attack." I'll add the second sentence to the -01 version of the DH-CHAP draft, which'll probably be submitted today. > If DH-CHAP is made the only MUST implement method, since IPsec is > not mandatory to use - such a MUST NOT use for the only MUST implement > method is a strange outcome. That seems backwards. If one rephrases it as "in some environments, this 'MUST implement' method [CHAP or DH-CHAP] SHOULD only be used with this other 'MUST implement' method [IPsec]", the result sounds more reasonable to me. Thanks, --David --------------------------------------------------- David L. Black, Senior Technologist EMC Corporation, 42 South St., Hopkinton, MA 01748 +1 (508) 249-6449 *NEW* FAX: +1 (508) 497-8500 black_david@emc.com Cell: +1 (978) 394-7754 ---------------------------------------------------
Home Last updated: Wed Apr 17 14:18:24 2002 9701 messages in chronological order |