Re: [IPsec] Fw: Preshared key authentication in IKEv2

To: "Valery Smyslov" <svanru at gmail.com>, <ipsec at ietf.org>
Subject: Re: [IPsec] Fw: Preshared key authentication in IKEv2
From: Paul Hoffman <paul.hoffman at vpnc.org>
Date: Fri, 30 Oct 2009 10:04:55 -0700
Delivered-to: ipsec at core3.amsl.com
In-reply-to: <82DFB96E88E54DE98E9B6B5F766C3EB8 at trustworks.com>
List-archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-help: <mailto:ipsec-request@ietf.org?subject=help>
List-id: Discussion of IPsec protocols <ipsec.ietf.org>
List-post: <mailto:ipsec@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
References: <82DFB96E88E54DE98E9B6B5F766C3EB8 at trustworks.com>

At 9:58 AM +0300 10/30/09, Valery Smyslov wrote:
>Hi all,
>
>I'd like to reiterate my early message, which I haven't got answer to.
>My concerns are:
>
>1. How padding pre-sahred key with string "Key Pad for IKEv2"
>    could help to avoid storing pre-shared key in IKE implementation
>    if prf is not known untill IKE_SA_INIT exchange is finished?

The PRF (or set of PRFs) is known by the receiving party. If the two parties always only use one PRF, it is known. The padding is not a universal solution for the reasons you give, but it works in the common case of peers who know each other's crypto choices.

>2. It is a bit unclear whether EAP generated key should also
>    be padded before use in IKE, or used directly.

I'm pretty sure the key is used in its PRF form, not in its "as is" form, but I would want to hear from one or two implementers on that.

--Paul Hoffman, Director
--VPN Consortium

Follow-Ups:
- Re: [IPsec] Fw: Preshared key authentication in IKEv2
  - From: Tero Kivinen

References:
- [IPsec] Fw: Preshared key authentication in IKEv2
  - From: Valery Smyslov

Prev by Date: Re: [IPsec] #118: Reference for PKCS #7
Next by Date: Re: [IPsec] #120: CA indication with cert req - allowed types
Previous by thread: [IPsec] Fw: Preshared key authentication in IKEv2
Next by thread: Re: [IPsec] Fw: Preshared key authentication in IKEv2
Index(es):
- Date
- Thread

Re: [IPsec] Fw: Preshared key authentication in IKEv2

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.