YS-1 The PIC Pre-IKE Credential Provisioning Protocol
Yaron Sheffer (RADGUARD) and Hugo Krawczyk (Technion)
March 2000
YS-2 Overview
PIC is a method to provide credentials, based on legacy authentication
Credentials to be used in a later IKE session
Separate Authentication Server (AS)
Flexible: authentication methods, credentials
Based on a dedicated, ISAKMP-based mechanism, plus XAuth
No modifications to IKE!
–But significant reuse
YS-3 Protocol Entities
Client/User
Authentication Server (AS)
Legacy Authentication Server (LAS)
Security Gateway (SGW)
(Diagram: the entities above, with an optional link)
YS-4 Separate Authentication Server
Eliminate user authentication from SGW
–Simplified SGW can be used with/without PKI
DoS attack on AS will not break existing connections at SGW
AS may or may not be collocated with SGW
User authenticates once for many gateways
YS-5 PIC Protocol Stages
1. Establish a one-way authenticated secure channel
–Only the server is authenticated
2. Authenticate the user
–Typically assisted by the legacy server
3. Hand out credentials to the user
Architecture similar to draft-bellovin-ipsra-getcert-00
YS-6 (Somewhat) Detailed Protocol
Client sends
–HDR, SA, KE, Ni
–Message 2 of XAuth
–Credential request over XAuth
AS sends
–HDR, SA, KE, Nr, IDr1, [CERT,] SIG_R
–Message 1 of XAuth
–User credentials
Calculate SKEYID (both sides, once the first two messages have been exchanged)
Possibly more...
Order on the wire, following the stages of YS-5: the client's HDR/SA/KE/Ni, the AS's signed reply, then the XAuth exchange (AS message 1, client message 2, possibly more rounds) under the resulting channel, then the credential request and the credential handout
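The exchange on this slide and the three stages of YS-5, run end to end as an added Python example (constructed for this page; it is not code from the PIC draft or its authors). Assumptions, all labelled in the code: RFC 2409 DH group 2 as the IKE group, HMAC-SHA256 as the prf, a toy textbook RSA in place of the AS's real certificate and signature, an HMAC-based stream cipher in place of the negotiated IKE cipher, the LAS modelled as a user/password dictionary, and illustrative message names (XAUTH_REQUEST, CRED_REQUEST) and credential format.

```python
"""Constructed end-to-end run of the PIC exchange (not the draft's own code):
stage 1 builds a DH channel that only the AS signs, stage 2 carries the legacy
user authentication in XAuth inside it, stage 3 hands out a credential.  Toy RSA
and an HMAC stream cipher stand in for the real IKE signature and cipher."""
import hashlib, hmac, math, secrets

# RFC 2409 group 2 (1024-bit MODP), the IKE DH group a PIC client would negotiate.
P = int("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
        "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
        "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2

def prf(key, data):      # the IKE "prf"; HMAC-SHA256 stands in for the negotiated one
    return hmac.new(key, data, hashlib.sha256).digest()

def ibytes(n):           # big-endian encoding of a group element or signature
    return n.to_bytes((n.bit_length() + 7) // 8, "big")

# ---- toy textbook RSA (demo only) so the AS can sign using just the stdlib ----
def is_probable_prime(n, rounds=32):            # Miller-Rabin; n odd and > 3
    d, r = n - 1, 0
    while d % 2 == 0: d //= 2; r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1): continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1: break
        else: return False
    return True

def rsa_keygen(bits=512):
    def prime(b):
        while True:
            c = secrets.randbits(b) | (1 << (b - 1)) | 1
            if is_probable_prime(c): return c
    e = 65537
    while True:
        p, q = prime(bits // 2), prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return (p * q, e), (p * q, pow(e, -1, phi))      # (public, private)

def rsa_sign(priv, data):
    return pow(int.from_bytes(hashlib.sha256(data).digest(), "big"), priv[1], priv[0])

def rsa_verify(pub, data, sig):
    return pow(sig, pub[1], pub[0]) == int.from_bytes(hashlib.sha256(data).digest(), "big")

# ---- the secure channel: IKE-style SKEYID, then encrypt-then-MAC per message ----
def derive_keys(ni, nr, gxy):
    skeyid = prf(ni + nr, ibytes(gxy))          # IKE signature-mode SKEYID
    return skeyid, prf(skeyid, b"e"), prf(skeyid, b"a")    # (SKEYID, enc key, auth key)

def _xor(keys, seq, data):                      # HMAC keystream replaces 3DES/AES-CBC here
    ks = b"".join(prf(keys[1], bytes([seq, i])) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(keys, seq, pt):
    ct = _xor(keys, seq, pt)
    return ct, prf(keys[2], bytes([seq]) + ct)

def unseal(keys, seq, ct, tag):
    if not hmac.compare_digest(tag, prf(keys[2], bytes([seq]) + ct)):
        raise ValueError("message tampered with or replayed out of sequence")
    return _xor(keys, seq, ct)

# ---- the PIC run; las is the legacy server's user -> password table (constructed) ----
def pic_run(as_pub, as_priv, las, user, password, client_pub):
    """Returns (credential, client_verified_it), or (None, False) if the LAS rejects."""
    hdr, sa = secrets.token_bytes(8), b"SA:3des-sha1-modp1024"     # cookies, proposal
    # Stage 1, message 1: client -> AS   HDR, SA, KE, Ni
    x, ni = secrets.randbelow(P - 3) + 2, secrets.token_bytes(16)
    ke_i = pow(G, x, P)
    # Stage 1, message 2: AS -> client   HDR, SA, KE, Nr, IDr, [CERT,] SIG_R
    y, nr, idr = secrets.randbelow(P - 3) + 2, secrets.token_bytes(16), b"as.example.net"
    ke_r = pow(G, y, P)
    as_keys = derive_keys(ni, nr, pow(ke_i, y, P))                  # AS computes SKEYID
    hash_r = prf(as_keys[0], ibytes(ke_r) + ibytes(ke_i) + hdr + sa + idr)   # IKE HASH_R
    sig_r = rsa_sign(as_priv, hash_r)
    # Client computes SKEYID and checks SIG_R with the AS key it already holds (YS-12)
    cl_keys = derive_keys(ni, nr, pow(ke_r, x, P))
    if not rsa_verify(as_pub, prf(cl_keys[0], ibytes(ke_r) + ibytes(ke_i) + hdr + sa + idr), sig_r):
        raise ValueError("SIG_R invalid: no legacy credentials go to an unauthenticated AS")
    # Stage 2: XAuth inside the channel; message 1 is the AS request, message 2 the reply
    request = unseal(cl_keys, 1, *seal(as_keys, 1, b"XAUTH_REQUEST: user, password"))
    if not request.startswith(b"XAUTH_REQUEST"): raise ValueError("unexpected XAuth message")
    reply = seal(cl_keys, 2, user + b"\0" + password)
    u, _, pw = unseal(as_keys, 2, *reply).partition(b"\0")
    if not hmac.compare_digest(las.get(u, b""), pw):                # AS consults the LAS
        return None, False
    # Stage 3: credential request over XAuth; the AS answers with a short-term cert
    req = unseal(as_keys, 3, *seal(cl_keys, 3, b"CRED_REQUEST " + ibytes(client_pub[0])))
    cert = u + b"|" + req.split(b" ", 1)[1] + b"|short-term"
    handout = seal(as_keys, 4, cert + rsa_sign(as_priv, cert).to_bytes(64, "big"))
    blob = unseal(cl_keys, 4, *handout)
    return blob[:-64], rsa_verify(as_pub, blob[:-64], int.from_bytes(blob[-64:], "big"))

def demo():
    """Constructed LAS table; returns (good run, wrong-password run)."""
    as_pub, as_priv = rsa_keygen()
    client_pub, _ = rsa_keygen()
    las = {b"alice": b"correct horse"}
    return (pic_run(as_pub, as_priv, las, b"alice", b"correct horse", client_pub),
            pic_run(as_pub, as_priv, las, b"alice", b"wrong", client_pub))
```

The point the code makes explicit is the ordering that YS-5 relies on: the client derives SKEYID and verifies SIG_R before the XAuth reply carrying the legacy password is ever built, so a party that cannot produce a valid SIG_R under the AS key the client already holds never sees the password, and the credential the client keeps is only accepted once the AS signature over it verifies.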
YS-7 User Authentication Methods
Anything that XAuth supports, for example:
Simple authentication
Challenge/response
Two-factor authentication
One-time password
Note: may need to add machine authentication
YS-8 Credentials
Certificate signing the user's public key
–Possibly short-term
User certificate and private key
Shared secret
–Requires a channel between AS and SGW (adds protocol complexity)
–Significantly improves DoS-resistance of SGW
YS-9 Summary
Outlined PIC, a protocol to enable remote users to initiate an IKE exchange
Reusing XAuth mechanisms and existing IKE code
PIC is a practical alternative if IPSRA chooses a separate authentication server
YS-10 References
PIC: draft-ietf-ipsra-pic-00.txt
XAuth: draft-ietf-ipsec-isakmp-xauth-06.txt
IPSRA requirements: draft-ietf-ipsra-reqmts-00
Credentials over TLS: draft-bellovin-ipsra-getcert-00
YS-11 Backup
YS-12 Obtaining the AS Public Key
Needed at the client anyway to initiate IKE
Much easier to distribute a site certificate than to build a full-blown PKI
Alternatively, can tunnel EKE (password-based Encrypted Key Exchange) over PIC and pass the server's cert as part of the credential
–Client should trust the AS only once the EKE exchange is over (complexity!)
–Somewhat inefficient...