[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Issue 6: Encryption

To: radiusext@ops.ietf.org
Subject: Re: Issue 6: Encryption
From: Bernard Aboba <aboba@internaut.com>
Date: Mon, 13 Dec 2004 20:18:49 -0800 (PST)

Wolfgang Beck said:

"Issue 6

To be honest, I did not find an RFC that describes how to
encrypt individual RADIUS attributes other than User-Password
and Tunnel-Password."

RFC 2548 also defines encryption of the MPPE-Key attributes.
However, the use of the SALT field in that draft is broken -- the SALT if
used, needs to go at the beginning, not the end!

Putting it at the end is silly because a known plaintext attack
compromises the keystream, and then the attacker can continue the key
stream guessing various SALT values.  So the SALT has no security value at
all in making the stream cipher harder to crack.

Given the attacks on MD5-based stream ciphers (see RFC 3579 for details),
I'm not sure we'll be able to get any document using them past security
review.

If we really do need to encrypt an attribute, probably the way to go is to
use an AES-based wrap.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: Re: Issue 7: Message-Authenticator?
Next by Date: Re: [Geopriv] Radius-Geopriv: Civic vs. geospatial location information
Previous by thread: Re: Issue 7: Message-Authenticator?
Next by thread: Re: [Geopriv] Radius-Geopriv: Civic vs. geospatial location information
Index(es):
- Date
- Thread