
Re: About the HIP security model (was Re: New multi6 draft: WIMP)



Ayyasamy, Senthilkumar (UMKC-Student) wrote:

btw, is there any standardized RFC supporting weak authentication methods? RFC 1984 states explicitly that IETF won't knowingly make the protocol weaker. But, it was written for a different purpose. Anyway, I wish that authors of HIP/WIMP explicitly state the environment in which weak authentication is ok.

Pekka already pointed to a paper by myself and him. But I'd like to add that while we perhaps introduced the term, there are in fact some schemes like that in existing protocols. For instance:

o SIP (RFC 3261) uses a leap-of-faith scheme where two callers
  can learn their public keys on the fly and register them for
  secure communications for later.

o SIP also offers a null authentication challenge-response
  scheme, which can be used to assure that the peer at least
  has a valid address.

o Mobile IPv6 (in RFC ed queue) uses a weak authentication
  technique in its "RR" mechanism that protects route optimization
  binding updates.

o SSH uses leap-of-faith when contacting the server for the
  first time.

o ...

Anyway, maybe the term "weak authentication" is a bit misleading. We
originally used it a little provocatively. But really, the question
is not about strength as much as it is about the type of authentication.
It has been demonstrated in many contexts that "strong" authentication
based on some credentials may not actually match at all the requirements
of a specific application, and may in fact be less secure than other
types of authentication better suited for the application at hand. In
HIP, it's about the ability to bind all communications to the host
identity. This is different, but not at all weaker than authenticating
all nodes to some security infrastructure. For instance, I might be
able to prove that I am jari.arkko@ericsson.com, but does that entitle
me to grab all communications destined to <an example address> at IP
layer?

--Jari