RE: comments on draft-houseley-aaa-key-mgmt-07.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



  Hi Vidya,

On Sat, February 17, 2007 11:43 pm, Narayanan, Vidya wrote:
> Yes, the problem of an authenticator providing different identities to
> the peer and the server is the typical channel binding problem and can
> be detected by simply doing a protected exchange of the identity between
> the peer and server. When such a discrepancy is detected, then, keys
> won't be handed out or if the identity is part of the key derivation,
> then, it will result in a key mismatch anyway. Hence, there is no
> problem there.

  No, there is a problem even if the identity is part of the key
derivation. The reason is that this is a _symmetric_ key that is used
by the client to gain network access. If it is possible for some
entity to lie about its identity to obtain one of these keys, then that
key can be used to impersonate the client to the authenticator whose
identity was lied about and/or attack a connection the client makes to
the authenticator whose identity was lied about.

  Any security properties you're trying to assign to this key have been
thrown out the window.

  Dan.




_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]