Microsoft files EU Android complaint

D. Hugh Redelmeier hugh-pmF8o41NoarQT0dZR+AlfA at public.gmane.org
Sun Apr 14 15:42:42 UTC 2013


| From: James Knott <james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org>

| That, of course, is an implementation issue, not an inherent problem with
| IPSec.

My point was that IPSec has needless options, each one adding to the
room for bugs, and leading to dark untested corners.  That is
inherent.

| > I think that I'm the only one that implemented IKE authentication with
| > bare public keys (i.e. not embedded in X.509 certificates).
| 
| StrongSWAN supports self generated certificates in the same manner as ssh.

And probably bare public keys since it is based on my code.

| > Lots of people want pre-shared keys but bare public keys are just
| > about as easy, way more powerful, and easier to handle safely.
| 
| Pre-shared secret keys are easier, as you don't have to generate a
| public/private key pair, but creating the secret password can stand some
| improvement.  Like other passwords, people often choose a simple one that may
| have some connection to them.  When I created the secret passwords, I would
| generally use ps aux|md5sum to get a string of "random" characters.

Doing PSK safely requires as much fiddling with tools as generating a
public key.  Your example shows this.

Adding certificates to the mix adds complexity.  Among other things,
certs are fatter and are less likely to fit in an IKE message
(remember, large messages get fragmented and many firewalls discard
UDP fragments).

I'm not saying that certs don't have their benefits.  But one needs to
think about what they are in a particular application.

A number of security bugs in IPSec implementations have been due to
the cert handling code.

|   I also recall
| reading a book on encryption where they covered several methods, including
| 3DES.

3DES was a good solution to an unfortunate problem.  Only DES hardware was
available and DES was thought to be good at resisting all but
brute-force attacks.  3DES exploited the hardware and made brute force
much less feasible.

AES eventually (many years later) has a bunch of advantages.  The
paranoid among us don't know if DES or AES have backdoors.  For
example, the NSA got IBM (the designers) to change DES in ways that
have not been explained satisfactorily.

BTW, the US Congress actually forced banks to only use 1DES.  Was that for
security or insecurity (allowing the NSA in)?
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists




