Presentation is loading. Please wait.

Presentation is loading. Please wait.

editor: Stephen Farrell,

Published byDerrick Pope Modified over 6 years ago

Similar presentations

Presentation on theme: "editor: Stephen Farrell,"— Presentation transcript:

1 editor: Stephen Farrell,
Draft-ietf-sacred-protocol-bss-04.txt editor: Stephen Farrell, 55th IETF, November 2002

2 Changes from –03 Replaced SASL-MD5 with DIGEST-MD5 everywhere
Updated appendix B and other BEEP issues according to Marshall Rose's Oct 6th recommendations Applied all but three "editorial corrections" raised on list Added a recommendation to download prior to modify Fixed AuthXXXType extensibility as suggested by Gareth Richards

3 Issues still open “Rejected” issues from list:
Adding upload response message Use of CDATA needed? (BEEP question) “More editorial” stuff from Magnus: “ok,ok,ok” Some clarifications (Manning) “tuning” & clarity wrt BEEP & auth New security issue: binding of separate authentications

4 Compound Authentication Issue
draft-puthenkulam-eap-binding-00.txt describes how the lack of a strong binding between compound authentications (esp. server then tunnelled client) leaves open the possibility of “MITM” attacks, which, if the same client authenticator (e.g. password) is badly used in one context, can be real attacks. Raised wrt EAP, but applies here too unfortunately.

5 Problem DIGEST-MD5 password used for sacred and (non TLS) web access with web server (WS) Attacker masquerades as WS to client. Client connects to WS. Attacker WS connects to credential server (CS) CS issues challenge to Attacker Attacker passes back challenge to Client Client sends response to attacker Game over

6 Danger!!! Too late. Client Web Server Credential Server Client
Digest-MD5 (clear) Server-auth TLS, then Digest-MD5 (same pwd) Too late. Client Attacker Credential Server Server-auth TLS, DIGEST-MD5 challenge Digest-MD5 (clear) Finish Digest-MD5 Run away with private key

7 Fix? As a generic attack it arguably ought to be fixed generically (e.g. show a way to securely use SASL within TLS) Specific fix: Modify use of DIGEST-MD5, e.g. make password include “sacred:” or hash(uname) or something? (bar-BoF anyone?) Guidance: If the client authenticator is only used for sacred then the attack doesn’t arise => recommend that the DIGEST-MD5 password only be used for sacred and point at (or describe: “dependency--”) the attack scenario in the security considerations section? EKE, SRP etc. Been there, done that. :-(

8 Plan -05 to be done this week
Only real work is new security considerations text (if that’s how we fix the compound authentication issue) Proposed text to list this week

Download ppt "editor: Stephen Farrell,"

Similar presentations

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P1619.3 April 11, 2007 Andrea Doherty.

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.
Dynamic Symmetric Key Provisioning Protocol (DSKPP)

Dynamic Symmetric Key Provisioning Protocol (DSKPP)
CT-KIP Magnus Nyström, RSA Security OTPS Workshop, October 2005.

CT-KIP Magnus Nyström, RSA Security OTPS Workshop, October 2005.
Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.

Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.
RFC2222bis. Summary Rfc2222bis-13 to be submitted tomorrow Addresses substantive issues Addresses editorial/nits Recommend WGLC upon announcement.

RFC2222bis. Summary Rfc2222bis-13 to be submitted tomorrow Addresses substantive issues Addresses editorial/nits Recommend WGLC upon announcement.
1 Improved DNS Server Selection for Multi-Homed Nodes draft-savolainen-mif-dns-server-selection-04 Teemu Savolainen (Nokia) Jun-ya Kato (NTT) MIF WG meeting.

1 Improved DNS Server Selection for Multi-Homed Nodes draft-savolainen-mif-dns-server-selection-04 Teemu Savolainen (Nokia) Jun-ya Kato (NTT) MIF WG meeting.
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
Securing Squid (Proxy) Using Digest Authentication.

Securing Squid (Proxy) Using Digest Authentication.
1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV BOF IETF-67 San Diego November 2006 Andrea Doherty.

1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV BOF IETF-67 San Diego November 2006 Andrea Doherty.
Diameter SIP application IETF 64 Vancouver, 6-11 November, 2005

Diameter SIP application IETF 64 Vancouver, 6-11 November, 2005
IETF 60 – San Diegodraft-ietf-mmusic-rfc2326bis-07 Magnus Westerlund Real-Time Streaming Protocol draft-ietf-mmusic-rfc2326bis-07 Magnus Westerlund Aravind.

IETF 60 – San Diegodraft-ietf-mmusic-rfc2326bis-07 Magnus Westerlund Real-Time Streaming Protocol draft-ietf-mmusic-rfc2326bis-07 Magnus Westerlund Aravind.
RADIUS Crypto-Agility Requirements November 18, 2008 David B. Nelson IETF 73 Minneapolis.

RADIUS Crypto-Agility Requirements November 18, 2008 David B. Nelson IETF 73 Minneapolis.
July 16, 20031 Diameter EAP Application (draft-ietf-aaa-eap-02.txt) on behalf of...

July 16, Diameter EAP Application (draft-ietf-aaa-eap-02.txt) on behalf of...
Password Mistyping in Two-Factor Authenticated Key Exchange Vladimir KolesnikovCharles Rackoff Bell LabsU. Toronto ICALP 2008.

Password Mistyping in Two-Factor Authenticated Key Exchange Vladimir KolesnikovCharles Rackoff Bell LabsU. Toronto ICALP 2008.
WG Document Status 192nd IETF TEAS Working Group.

WG Document Status 192nd IETF TEAS Working Group.
GEOPRIV Layer 7 Location Configuration Protocol; Problem Statement and Requirements draft-ietf-geopriv-l7-lcp-ps-00.txt Hannes Tschofenig, Henning Schulzrinne.

GEOPRIV Layer 7 Location Configuration Protocol; Problem Statement and Requirements draft-ietf-geopriv-l7-lcp-ps-00.txt Hannes Tschofenig, Henning Schulzrinne.
SIP working group IETF#70 Essential corrections Keith Drage.

SIP working group IETF#70 Essential corrections Keith Drage.
March 2006 CAPWAP Protocol Specification Update March 2006

March 2006 CAPWAP Protocol Specification Update March 2006
ICOS BOF EAP Applicability Bernard Aboba IETF 62, Minneapolis, MN.

ICOS BOF EAP Applicability Bernard Aboba IETF 62, Minneapolis, MN.
1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV WG IETF-68 Prague March 2007 Andrea Doherty.

1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV WG IETF-68 Prague March 2007 Andrea Doherty.

Similar presentations

Ads by Google