lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.NEB.4.51.0304251329120.664@angelic-vtfw.cvpn.cynic.net>
Date: Fri, 25 Apr 2003 13:34:53 +0900 (JST)
From: Curt Sampson <cjs@...ic.net>
To: David Wagner <daw@...art.cs.berkeley.edu>
Subject: Re: Cracking preshared keys


On Thu, 24 Apr 2003, David Wagner wrote:

> Michael Thumann  wrote:
> >4. Of course the psk must be weak to crack it in an acceptable amount of time
>
> What do you expect IPSec to do if you give it an insecure, guessable key?
> Noone claimed it would be secure in such a situation.
>
> I find your recommendations hard to take seriously.  This is not a
> vulnerability in IPSec....

You seem to have missed the vulnerability. The vulnerability is *not* that,
if you use a weak key, an attacker has a better chance of guessing it. The
vulnerability is that you are giving away information that allows him to
test his guesses on his own, rather than by using your system to test the
keys.

In the former case, you have no idea that an attack is occurring. In the
later case, you can determine from the number of failed authentication
attempts that an attack is likely occurring, and take measures (such as
"locking" the account under attack, blocking that range of IP addresses,
or making any request from that range fail whether the secret is correct
or not). You can also greatly slow the rate at which the attacker can
make guesses by controlling the rate at which you will respond to
authentication requests.

Keep in mind that, even if you use very secure keys, there is still a
(small) chance that an attacker could guess your key anyway, just by
trying random keys for a while. Having other methods in place, as well
as secure key, will help in your defense.

cjs
-- 
Curt Sampson  <cjs@...ic.net>   +81 90 7737 2974   http://www.netbsd.org
    Don't you know, in this new Dark Age, we're all light.  --XTC


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ