[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A bit of background on [RFC3580] Section 5.3

>   Would there be interested in a PAP replacement?  Something like
> Tunnel-Password comes to mind.  A 16-bit salt would make attacks more
> difficult, but if the salt is coming from the same low-entropy pool as
> the RA, I'm not sure it would help.

That is partially what the discussion about Keywrap is about.  The known 
plaintext attacks are enabled by the use of a stream cipher;  if a 
credible block cipher (like AES) were used instead, it would not be a 

> > For example, a NAS can attempt to satisfy the global uniqueness
> > property by utilizing the IP address in the high order bits of the
> > RA and then utilizing a pseudo-random number in the low order bits.
>   Is it worth codifying recommendations?  i.e. RA = (IP + counter +
> pseudo-random number + ...)  That would help guide implementors, at
> least.

Perhaps.  There are alternatives, of course.  MAC address + reboot counter 
+ pseudo-random number would work as well.  

to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>