Hi Watson, the problem is not that the host cannot deduce from received AUTH payload what kind of signature was used – the AUTH payload includes AlgorithmIdentifier, so these signatures are treated differently. The problem is that host cannot guess what kind of signatures the peer supports, that can lead to SA setup failure. This is not a cryptographic problem, this is IKEv2 protocol problem.
And it was probably not very precise text in my presentation – it meant that we have a problem if the same kind of key (say RSA) can be used with different signature schemes (say RSA-PKCS and RSA-PSS), not necessary the same key. Regards, Valery. From: Watson Ladd Sent: 18 ноября 2016 г. 13:01 To: Tero Kivinen Cc: [email protected] WG; Yoav Nir Subject: Re: [IPsec] Take a stand for key hygine On Thu, Nov 17, 2016 at 7:38 PM, Tero Kivinen <[email protected]> wrote: > Watson Ladd writes: >> I might be confused, but the slides in >> https://www.ietf.org/proceedings/97/slides/slides-97-ipsecme-signature-forms-ambiguity-in-ikev2-00.pdf >> seem to very clearly want something else. Apologies for my >> insufficient context inclusion. > > Yes, with RSA I think it might be quite common for people to use same > key for both RSA PKCS#1 v1.5 and RSA-PSS, and there is not really > anything we can do for that. > > On the other hand the interoperability issue we have now does not > really care whether you have one or two RSA private keys, as long as > initiator can use either RSA-PSS or RSA PKCS#1 v1.5, and do not know > which one responder will accept. What about the approach of treating these as different authentication methods? Or am I misunderstanding the scope of the problem? I'm not that familiar with IKE2. > > I think we might want to add text in the rfc4307bis saying that same > key should not be used with both RSA-PSS and PKCS#1 v1.5. > > The rfc4307bis will be in IETF Last Call soon, so if you can read that > and see what it says about the signature algorithms and see if there > is something we need to add there, that would be great. I will look over it. > -- > [email protected] -- "Man is born free, but everywhere he is in chains". --Rousseau. _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
