Hi, Nancy,

"Nancy Cam-Winget (ncamwing)" <ncamw...@cisco.com> wrote on 2012-07-15 
11:34:55:
 
> 
> "Finally, it describes how the tls-unique channel binding [RFC5929]
> may be used to PA-TNC exchanges
>    to the EAP tunnel method, defeating MITM attacks such as the 
> Asokan attack [Asokan]."
> ==> 

The sentence is an excerpt from draft-ietf-nea-pt-eap-02;
I wrote it down but forgot to write the comment.
I was a bit confused by the solution to the Asokan attack, because I found 
two solutions in two different places in the draft:
1. tls-unique 2. crypto binding 
 
 
> 
> "Some EAP tunnel methods may provide explicit confirmation of inner 
> method success; others may not. "
> [NCW] I am not sure I understand the comment or request.  The above 
> sentence is true; in
> PT-EAP's case, as it is not an authenticating method, we describe 
> how tls-unique is used
> in PT-EAP to address such binding.  So, the sentence stands on its 
> own as it references
> further details to follow.
> 
This sentence is also an excerpt from draft-ietf-nea-pt-eap-02;
again I forgot to write the comment :) .

I don't see how current tunnel methods provide explicit confirmation of 
inner method success.
If it refers to mixing the tunnel method key and the inner method key, 
yes, some tunnel methods do this mixing (to counter MITM attacks) 
and some do not,
but those tunnel methods that do not mix the keys are not recommended for 
use, I believe. 


> 
> "These inner methods may perform additional security handshakes 
> including more
>    granular authentications or exchanges of integrity information (such
>    as PT-EAP.)  " 
> ===> IMO, PT-EAP better be exchanged after the phase two of the EAP 
> tunnel method, so that
>  the resulted key derived from tunnel and inner authentication 
> method can be used to protect it. 
> [NCW] Do you mean to enforce an authentication (inner) method prior to 
> PT-EAP?

Yes. It seems to me that PT-EAP is an inner method providing plain 
message transport, not authentication.
And an EAP tunnel method is seldom used alone, because its purpose is to 
protect the inner authentication method, and only server authentication is 
provided in implementations.
So, I doubt the security of PT-EAP messages transmitted in the EAP tunnel 
method without another inner authentication method. 
Maybe in this case, mutual authentication could be enforced in the EAP tunnel 
method, so that no inner authentication methods are needed. 


 

-Sujing Zhou

_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu
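The thread above discusses tls-unique channel binding and crypto binding as two ways of defeating the Asokan relay attack on a tunnelled inner exchange. The following is an added toy model of the tls-unique variant; it is not code from the draft, from the thread, or from any PT-EAP implementation. It assumes the inner (PA-TNC-like) exchange has its own integrity key, `inner_key`, which the man-in-the-middle does not hold, and it models the first TLS Finished message (the tls-unique value of RFC 5929) as a random per-session byte string. The message layout, `Tunnel`, `bind`, `verify`, `honest_run` and `relay_attack` are all invented for the demonstration; the real PT-EAP encoding of tls-unique is not reproduced.

```python
"""Toy model of tls-unique channel binding defeating an Asokan-style relay.

Added illustration only; the formats here are constructed, not PT-EAP's.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass


@dataclass(frozen=True)
class Tunnel:
    """Stand-in for one TLS session. tls_unique models the first TLS Finished
    message (RFC 5929, section 3): both endpoints of this session see the same
    value, and any other session yields a different one."""
    name: str
    tls_unique: bytes


def new_tunnel(name: str) -> Tunnel:
    # Assumption: the Finished message is modeled by 12 random bytes; a real
    # one is derived from the full handshake transcript.
    return Tunnel(name, os.urandom(12))


def bind(inner_key: bytes, posture: bytes, tunnel: Tunnel, channel_bound: bool) -> bytes:
    """Peer side: tag the inner message. With channel binding the tag also
    covers the tls-unique of the tunnel the sender believes it is inside."""
    data = (tunnel.tls_unique if channel_bound else b"") + posture
    return hmac.new(inner_key, data, hashlib.sha256).digest()


def verify(inner_key: bytes, posture: bytes, tag: bytes,
           tunnel: Tunnel, channel_bound: bool) -> bool:
    """Server side: recompute the tag using the tls-unique of the tunnel the
    message actually arrived through, and compare in constant time."""
    return hmac.compare_digest(bind(inner_key, posture, tunnel, channel_bound), tag)


def honest_run(inner_key: bytes, posture: bytes, channel_bound: bool) -> bool:
    """Peer and server share one tunnel, so both see the same tls-unique."""
    t = new_tunnel("peer<->server")
    tag = bind(inner_key, posture, t, channel_bound)
    return verify(inner_key, posture, tag, t, channel_bound)


def relay_attack(inner_key: bytes, posture: bytes, channel_bound: bool) -> bool:
    """Asokan-style MITM: the peer runs the inner exchange over tunnel A,
    which the attacker terminates; the attacker opens tunnel B to the real
    server and forwards the inner message and its tag unchanged. The attacker
    never learns inner_key. Returns True if the server accepts the relay."""
    a = new_tunnel("peer<->attacker")
    b = new_tunnel("attacker<->server")
    tag = bind(inner_key, posture, a, channel_bound)          # peer binds to A
    return verify(inner_key, posture, tag, b, channel_bound)  # server checks B


if __name__ == "__main__":
    key = hashlib.sha256(b"constructed inner-method key").digest()  # constructed
    posture = b"os=linux;patch_level=2012-07;av=enabled"             # constructed
    print("honest, channel-bound :", honest_run(key, posture, True))     # True
    print("relay, unbound        :", relay_attack(key, posture, False))  # True
    print("relay, channel-bound  :", relay_attack(key, posture, True))   # False
```

Without channel binding the relayed tag verifies, because nothing in the inner exchange depends on which tunnel carried it; with tls-unique mixed into the tag, the server's recomputation over tunnel B's Finished message no longer matches the peer's tag over tunnel A. The model only holds while the inner exchange has an integrity key the attacker does not share; if the inner message were carried in the clear with no such key, the attacker could simply rewrite the tls-unique field in transit, which is why the binding is usually paired with an authenticated inner method or with crypto binding of the tunnel and inner keys.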
