MOONSHOT-COMMUNITY Archives
MOONSHOT-COMMUNITY@JISCMAIL.AC.UK
Subject: Re: EAP Channel Binding and Server Certificates
From: Sam Hartman <[log in to unmask]>
Reply-To: Sam Hartman <[log in to unmask]>
Date: Tue, 10 Jan 2012 11:41:43 -0500
Content-Type: text/plain

>>>>> "Josh" == Josh Howlett <[log in to unmask]> writes:

    Josh> Sam, isn't this a variant of the compound authentication
    Josh> binding problem?

Yes.

    Josh> Modern tunnelled methods generally address this by
    Josh> cryptographically binding residue from the outer tunnel to the
    Josh> inner exchange. C can terminate the outer tunnel, but the EAP
    Josh> server will detect that.

Cryptographic binding is one of those EAP myths, like channel binding :-)

Unlike channel binding, I don't think there is any spec for cryptographic
binding.
Yes, if a particular EAP method supports cryptographic binding and
happens to do so in a manner that defends against this attack, we can
take advantage of that.
We'll certainly look into FreeRADIUS and libeap's support for eap-ttls
and eap-mschapv2 cryptographic binding.


    Josh> So we could combine that with leap-of-faith. I think libeap
    Josh> supports crypto binding for some EAP methods; I'm not sure
    Josh> about FreeRADIUS.


There's also a catch in what cryptographic binding buys you that I ran
into the last time I discussed it with Joe.  Ah, hmm, some parts of that
discussion made their way into the paragraph just before section 4.1 in
draft-ietf-emu-chbind.  According to that text, cryptographic binding
operates at the outer method level, so an inner method can be extracted
from cryptographic binding by a MITM.  So, no, I don't think
cryptographic binding would allow the EAP server to detect this.

--Sam
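The mechanism Josh describes (binding residue from the outer tunnel to the inner exchange so that a relay which terminates the tunnel is noticed) can be modelled in a few lines. The following is an added illustration, not code from this thread, FreeRADIUS, libeap or any EAP method; the key names, the HMAC-based derivation and the "password plus challenge" inner method are constructed stand-ins, not the derivation any real tunnelled method specifies. It compares a server that only checks the inner-method outcome against one that also verifies a compound MAC mixing the outer tunnel key and the inner key. Sam's caveat, that an inner method can be extracted and run outside the tunnel where there is nothing to bind to, is exactly the case this check does not cover.

```python
import hashlib
import hmac
import os

# Constructed model of compound (cryptographic) binding in a tunnelled EAP
# method. Names and derivations are illustrative; real methods (EAP-FAST,
# PEAP, TTLS) each define their own key hierarchy.


def derive_inner_key(password: bytes, challenge: bytes) -> bytes:
    """Inner-method session key shared by peer and EAP server.

    Stands in for the key an inner method produces from a credential the
    relay does not know. Constructed: HMAC of the challenge under the password.
    """
    return hmac.new(password, challenge, hashlib.sha256).digest()


def compound_mac(tunnel_key: bytes, inner_key: bytes, transcript: bytes) -> bytes:
    """Crypto-binding MAC: mix outer tunnel key with inner key, MAC the transcript."""
    cmk = hmac.new(tunnel_key, inner_key, hashlib.sha256).digest()
    return hmac.new(cmk, transcript, hashlib.sha256).digest()


def run_session(bind: bool, mitm_terminates_tunnel: bool) -> bool:
    """Return True if the EAP server accepts the session.

    Peer and server share a password; a relay C may sit between them. If C
    terminates the outer tunnel, the peer's tunnel key (peer<->C) differs from
    the server's (C<->server) even though the inner exchange is relayed intact.
    """
    password = b"constructed-shared-secret"  # constructed credential
    challenge = os.urandom(16)
    transcript = b"inner-method-transcript"  # constructed message transcript

    # Outer tunnel key as seen by each end.
    server_tk = os.urandom(32)
    peer_tk = os.urandom(32) if mitm_terminates_tunnel else server_tk

    # Inner method: both ends derive the same inner key; C only relays it.
    peer_isk = derive_inner_key(password, challenge)
    server_isk = derive_inner_key(password, challenge)

    if not bind:
        # No binding: the server only checks that the inner method succeeded,
        # so a relayed inner exchange is indistinguishable from a direct one.
        return hmac.compare_digest(peer_isk, server_isk)

    # With binding: the peer's MAC is computed under its own tunnel key, the
    # server's expectation under the tunnel it actually terminated.
    peer_cb = compound_mac(peer_tk, peer_isk, transcript)
    expected = compound_mac(server_tk, server_isk, transcript)
    return hmac.compare_digest(peer_cb, expected)


if __name__ == "__main__":
    for bind in (False, True):
        for mitm in (False, True):
            print(f"bind={bind!s:5} tunnel_terminated_by_relay={mitm!s:5} "
                  f"accepted={run_session(bind, mitm)}")
```

The only difference between the two server behaviours is whether the tunnel key enters the check at all; in the unbound case the relayed inner exchange verifies exactly as a direct one would, which is the detection gap the binding is meant to close.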
