[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A bit of background on [RFC3580] Section 5.3

To: Alan DeKok <aland@ox.org>
Subject: Re: A bit of background on [RFC3580] Section 5.3
From: Bernard Aboba <aboba@internaut.com>
Date: Sun, 11 Sep 2005 17:28:52 -0700 (PDT)
Cc: radiusext@ops.ietf.org
In-reply-to: <20050911160729.27EA61710C@mail.nitros9.org>
References: <20050911160729.27EA61710C@mail.nitros9.org>

>   Would there be interested in a PAP replacement?  Something like
> Tunnel-Password comes to mind.  A 16-bit salt would make attacks more
> difficult, but if the salt is coming from the same low-entropy pool as
> the RA, I'm not sure it would help.

That is partially what the discussion about Keywrap is about.  The known 
plaintext attacks are enabled by the use of a stream cipher;  if a 
credible block cipher (like AES) were used instead, it would not be a 
problem. 

> > For example, a NAS can attempt to satisfy the global uniqueness
> > property by utilizing the IP address in the high order bits of the
> > RA and then utilizing a pseudo-random number in the low order bits.
> 
>   Is it worth codifying recommendations?  i.e. RA = (IP + counter +
> pseudo-random number + ...)  That would help guide implementors, at
> least.

Perhaps.  There are alternatives, of course.  MAC address + reboot counter 
+ pseudo-random number would work as well.  

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

References:
- Re: A bit of background on [RFC3580] Section 5.3
  - From: "Alan DeKok" <aland@ox.org>

Prev by Date: Hints and End-to-End capabilities
Next by Date: Re: A bit of background on [RFC3580] Section 5.3
Previous by thread: Re: A bit of background on [RFC3580] Section 5.3
Next by thread: Re: A bit of background on [RFC3580] Section 5.3
Index(es):
- Date
- Thread