Re: iSCSI authentication requirements

To: "Bernard Aboba" <bernard_aboba@hotmail.com>
Subject: Re: iSCSI authentication requirements
From: "Julian Satran" <Julian_Satran@il.ibm.com>
Date: Wed, 27 Mar 2002 09:15:50 +0200
Cc: ips@ece.cmu.edu, owner-ips@ece.cmu.edu
Content-Type: multipart/alternative; boundary="=_alternative 0027E372C2256B89_="
Sender: owner-ips@ece.cmu.edu

I don't know what "resistance to highjacking" means in this context.

I would say that resistance to dictionary attack is important.

I would also argue for:

"resistance to impersonation" for the target (and initiator?)

Julo

"Bernard Aboba" <bernard_aboba@hotmail.com>
Sent by: owner-ips@ece.cmu.edu

26-03-02 23:03
Please respond to "Bernard Aboba"

To: ips@ece.cmu.edu
cc:
Subject: iSCSI authentication requirements

In order to move forward on selecting an alternative mandatory iSCSI login
authentication method, it is important to understand what the requirements
are. I would like to suggest that the following requirements are essential:

a. Mutual authentication
b. Pre-shared key support with sufficient key size (e.g. 128 bits)
c. Resistance to man-in-the-middle attack

On the other hand, I would argue that the following requirements are *not*
important:

d. Resistance to hijacking
e. Dictionary attack resistance
f. Support for certificate authentication

Goals

Mutual authentication is important so that not only can the iSCSI Target
authenticate the Initiator, but also the Initiator can authenticate the
Target. The ability to detect a rogue Target is important, especially since
iSCSI can be used for booting and rogue Targets could fools Initiators into
making use of bogus data. The ability of the Target to authenticate the
Initiator is important so that the Target can control access.

Pre-shared key support is important since this is likely to be the most
common use of iSCSI login authentication. The pre-shared key should be
unique to the two parties, and not suceptible to man-in-the-middle attack,
as opposed to the Group Pre-Shared key that is so widely implemented within
IPsec VPN clients, and that enables man-in-the-middle vulnerabilties.
Sufficient entropy is required to avoid brute-force attacks.

Non-goals

iSCSI login authentication can be used with or without IPsec. When IPsec is
not used, the iSCSI connection can be hijacked, but this is not something
that login authentication can protect against.

One of the reasons that SRP was chosen was its resistant to dictionary
attack when weak secrets are used. However, it is not clear that this is
useful functionality for iSCSI login authentication.

Mounting iSCSI volumes is inherently a machine activity, since access to
that volume, when mounted, is determined by the operating system and its
access controls rather than security services within the wire protocol.

As a result, the credentials used for iSCSI login may be machine
credentials, which can be assumed to be pre-shared keys with significant
entropy, rather than a user password.

The once scenario in which a user password might be relevant is mounting an
iSCSI volume via a storage service provider. However, this is exactly the
scenario in which IPsec protection of iSCSI would be most likely. Therefore,
I would claim that dictionary attack resistance is not important here
either.

If certificate authentication is possible and desired, this can be provided
within IKE Main Mode. As a result, certificate-based authentication is not
required within iSCSI login.

_________________________________________________________________
MSN Photos is the easiest way to share and print your photos:
http://photos.msn.com/support/worldwide.aspx

Prev by Date: Re: iSCSI: Task management
Next by Date: Re: iSCSI: Login stage transition; T bit
Prev by thread: Re: iSCSI authentication requirements
Next by thread: iSCSI: Target -> Initiator SNACK?
Index(es):
- Date
- Thread

Home

Last updated: Sat Mar 30 12:18:17 2002
9394 messages in chronological order