
    iSCSI inband auth: Rough Consensus + Direction



    
    David,
    
    Your guidelines are generally reasonable; I have the following
    comments:
    
    1.
    I think we overlooked one aspect which is the convenience of human
    readable passwords in various scenarios. SRP is OK for them, but
    so is CHAP above encrypted IPsec - so a better approach might be
    a text that only (but aggressively) disqualifies CHAP + weak secret
    + no-IPsec-encryption.
    
    2.
    The first part of the CHAP reflection prevention is already covered
    in iSCSI 10.5 (CHAP):
    
    "If the initiator authentication fails, the target MUST answer with a
    Login reject with "Authentication Failure" status. Otherwise, if the
    initiator required target authentication, the target MUST reply with
            CHAP_N=<N> CHAP_R=<R>    "
    
    So based on the above and the guidelines, here is a suggested CHAP
    text for iSCSI "7.2 In-band Initiator-Target Authentication". I
    believe it's also simpler and more concrete on what implementations
    must and must not do:
    
    -------------------------------------------------------------------
    A compliant iSCSI implementation MUST implement the CHAP authentication
    method [RFC1994] (see Section 10.5).
    
    When CHAP is performed over a non-encrypted channel, it is vulnerable to
    an off-line dictionary attack. Implementations MUST support the use of up
    to 128-bit random CHAP secrets, including the means to generate such
    secrets and to accept them from an external generation source.
    Implementations MUST NOT provide secret generation (or expansion) means
    other than random generation.
    
    If CHAP is used with a secret weaker than 96 random bits, then IPsec
    encryption (according to the implementation requirements in "7.3.2
    Confidentiality") MUST be used to protect the connection. Moreover,
    in this case IKE authentication with group pre-shared keys MUST NOT be
    used. When CHAP is used with a secret of less than 96 bits, a compliant
    implementation MUST NOT continue with the login unless it can verify
    that IPsec encryption is being used to protect the connection.
    
    Initiators MUST NOT reuse the CHAP challenge sent by the Responder for
    the other direction of a bi-directional authentication.  Responders
    MUST check for this condition and close the iSCSI TCP connection if it
    occurs.
    -------------------------------------------------------------------
    
     Regards,
       Ofer
    
    Ofer Biran
    Storage and Systems Technology
    IBM Research Lab in Haifa
    biran@il.ibm.com  972-4-8296253
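The two rules in the proposed text above (refuse to continue a login with a weak CHAP secret unless IPsec encryption is verified; detect a reflected challenge in bi-directional CHAP and close the connection) can be expressed as a small target-side state machine. The following is an added example written for this page, not code from the post, the IPS working group or any iSCSI implementation. The CHAP response is computed as RFC 1994 specifies (MD5 over the one-octet identifier, the secret and the challenge); the class and function names, the 16-octet challenge length and the scenario inputs are this example's own assumptions.

```python
"""
Added example: a toy iSCSI target enforcing the proposed CHAP rules.
Names (Target, LoginRejected, generate_random_secret, ...) are hypothetical.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass, field

MIN_SECRET_BITS = 96   # below this, the proposed text requires IPsec encryption
MAX_SECRET_BITS = 128  # implementations MUST support secrets up to this size


def generate_random_secret(bits: int = MAX_SECRET_BITS) -> bytes:
    """Random generation is the only secret-derivation means the text allows."""
    if bits <= 0 or bits > MAX_SECRET_BITS or bits % 8:
        raise ValueError("secret size must be a multiple of 8 bits, at most 128")
    return os.urandom(bits // 8)


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP response: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class LoginRejected(Exception):
    """Raised where the proposed text says MUST NOT continue / MUST close."""


@dataclass
class Target:
    secret: bytes                    # shared CHAP secret for this initiator
    secret_entropy_bits: int         # random bits used to generate it (from config)
    ipsec_encryption_verified: bool  # connection confirmed to be IPsec-encrypted
    identifier: int = 1              # CHAP_I the target sends with its challenge
    _challenge: bytes = field(default=b"", repr=False)

    def start_login(self):
        # Rule 1: a weak secret on a channel without verified IPsec encryption
        # MUST NOT proceed to authentication at all.
        if (self.secret_entropy_bits < MIN_SECRET_BITS
                and not self.ipsec_encryption_verified):
            raise LoginRejected("secret below 96 random bits and no IPsec encryption")
        self._challenge = os.urandom(16)  # constructed: 16-octet CHAP_C
        return self.identifier, self._challenge

    def verify_initiator(self, response: bytes) -> None:
        """Check CHAP_R; on failure the text requires a Login reject."""
        expected = chap_response(self.identifier, self.secret, self._challenge)
        if not hmac.compare_digest(expected, response):
            raise LoginRejected("Authentication Failure")

    def answer_initiator_challenge(self, identifier: int, challenge: bytes) -> bytes:
        """Second direction of bi-directional CHAP: the target authenticates."""
        # Rule 2: the initiator MUST NOT reuse our challenge; we MUST check
        # and close the TCP connection if it does (no response is computed).
        if challenge == self._challenge:
            raise LoginRejected("reflected CHAP challenge; closing connection")
        return chap_response(identifier, self.secret, challenge)


# --- constructed scenarios -------------------------------------------------

def scenario_weak_secret_no_ipsec() -> str:
    """Human-readable password (~40 bits of entropy) over a cleartext channel."""
    t = Target(secret=b"password", secret_entropy_bits=40, ipsec_encryption_verified=False)
    try:
        t.start_login()
    except LoginRejected as exc:
        return str(exc)
    return "login continued"


def scenario_weak_secret_with_ipsec() -> bool:
    """The same weak secret is acceptable once IPsec encryption is verified."""
    t = Target(secret=b"password", secret_entropy_bits=40, ipsec_encryption_verified=True)
    _, challenge = t.start_login()
    return len(challenge) == 16


def scenario_reflected_challenge() -> str:
    """Initiator authenticates, then echoes the target's own challenge back."""
    secret = generate_random_secret(128)
    t = Target(secret, 128, False)
    ident, c_t = t.start_login()
    t.verify_initiator(chap_response(ident, secret, c_t))
    try:
        t.answer_initiator_challenge(ident, c_t)
    except LoginRejected as exc:
        return str(exc)
    return "target answered"


def scenario_honest_bidirectional() -> bool:
    """Fresh challenges in both directions: both sides authenticate."""
    secret = generate_random_secret(128)
    t = Target(secret, 128, False)
    ident, c_t = t.start_login()
    t.verify_initiator(chap_response(ident, secret, c_t))
    c_i = os.urandom(16)  # constructed: initiator's own CHAP_C
    r_t = t.answer_initiator_challenge(ident, c_i)
    return hmac.compare_digest(r_t, chap_response(ident, secret, c_i))
```

The reflection check is placed before any response is computed, so a target never produces a CHAP_R over a challenge it issued itself; the weak-secret check is placed before the challenge is issued, matching the "MUST NOT continue with the login" wording rather than failing later at verification time.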
    
    
    
    
    


Last updated: Tue May 28 16:18:41 2002