[Emu] Issue #24: Backend password attacks
#24: Backend password attacks
> Section 4.5
>
> "These typically require the password in its original text form in order
> to authenticate the peer, hence they require the peer to send the clear
> text user name and password to the EAP server."
>
> One of the issues with support for cleartext passwords is the potential
> attacks against the AAA backend (e.g. User-Password attribute) in split
> authentication scenarios. Is it worth calling this out?
>
How about adding the following to the security considerations section:

"If the inner method is terminated at a different location than the outer
tunnel, then the inner method data may be vulnerable to modification and
eavesdropping between the server that terminates the tunnel and the server
that terminates the inner method. For example, if a clear text password is
used then it may be sent to the inner method server in a RADIUS password
attribute, which uses weak encryption that may not be suitable protection
for many environments."
--
Ticket URL: <http://wiki.tools.ietf.org/wg/emu/trac/ticket/24>
emu <http://tools.ietf.org/wg/emu/>
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
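As an added illustration (not part of this thread or of any EMU draft) of why the RADIUS User-Password hiding is weak protection on the path between the tunnel-terminating server and the inner-method server: the RFC 2865 section 5.2 scheme below is an MD5 keystream derived from the shared secret and a cleartext Request Authenticator, so every RADIUS hop that holds the secret (a proxy must, in order to re-hide for the next hop) recovers the password. The shared secrets, password and authenticators are constructed sample values.

```python
import hashlib
import os


def _md5_chain_xor(data: bytes, secret: bytes, authenticator: bytes, hiding: bool) -> bytes:
    # RFC 2865 sec 5.2: block i is XORed with MD5(secret + previous ciphertext block),
    # where the "previous block" for i = 0 is the 16-octet Request Authenticator.
    out, prev = bytearray(), authenticator
    for i in range(0, len(data), 16):
        block = data[i:i + 16]
        result = bytes(x ^ y for x, y in zip(block, hashlib.md5(secret + prev).digest()))
        out += result
        prev = result if hiding else block  # chain on the ciphertext in both directions
    return bytes(out)


def hide_user_password(password: bytes, secret: bytes, request_authenticator: bytes) -> bytes:
    """Encode a cleartext password as the RADIUS User-Password attribute value."""
    if len(request_authenticator) != 16:
        raise ValueError("Request Authenticator must be 16 octets")
    if not 1 <= len(password) <= 128:
        raise ValueError("User-Password must be 1..128 octets")
    padded = password + b"\x00" * (-len(password) % 16)  # NUL-pad to a 16-octet multiple
    return _md5_chain_xor(padded, secret, request_authenticator, hiding=True)


def reveal_user_password(hidden: bytes, secret: bytes, request_authenticator: bytes) -> bytes:
    """Recover the cleartext; anyone holding the shared secret can do this."""
    if not hidden or len(hidden) % 16:
        raise ValueError("hidden value must be a non-empty multiple of 16 octets")
    return _md5_chain_xor(hidden, secret, request_authenticator, hiding=False).rstrip(b"\x00")


def proxy_forward(hidden: bytes, secret_in: bytes, auth_in: bytes,
                  secret_out: bytes, auth_out: bytes) -> tuple:
    """A RADIUS proxy between the tunnel server and the inner-method server must
    reveal with the incoming secret and re-hide with the outgoing one, so every
    hop sees the cleartext. Returns (re-hidden value, cleartext seen by the proxy)."""
    cleartext = reveal_user_password(hidden, secret_in, auth_in)
    return hide_user_password(cleartext, secret_out, auth_out), cleartext


if __name__ == "__main__":
    # Constructed sample values; the 30-octet password exercises the block chaining.
    pw, auth1, auth2 = b"correct horse battery staple!!", os.urandom(16), os.urandom(16)
    hidden = hide_user_password(pw, b"tunnel-to-proxy", auth1)
    forwarded, seen = proxy_forward(hidden, b"tunnel-to-proxy", auth1, b"proxy-to-inner", auth2)
    assert seen == pw and reveal_user_password(forwarded, b"proxy-to-inner", auth2) == pw
    print("cleartext recovered at the proxy hop:", seen.decode())
```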