Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

Re: [EFM] OAM - Faye's seven points




On Tue, 18 Sep 2001 10:10:03 -0700  Harry Hvostov wrote:
> It is true that current cable access networks use MAC address for
> authentication. However, this is widely considered a weak authentication
> scheme which will be replaced with X.509 digital certificates plus 1,024 bit
> RSA key pair. You will start seeing deployment of BPI+ by 2002.

Actually, we use MAC authentication for both DSL and cable access.

I have been around too long to believe anyone's deployment dates,
especially for speculative technology like client-side X.509 and 1,024
bit RSA key pairs.  Similar projects have failed so many times in the
past.  This one may not be different.

However, those are quibbles.  No question that MAC authentication is
weak.

> Strong authentication is key in preventing the following attacks:
> 
> - Masquerading
> - DOS
> - Replay
> - Device cloning
> - Theft of service
> 
> In all cases both the service provider and customer are at risk.

I am not sure what you mean by "key".  *Properly implemented* strong
authentication at the Ethernet level will help in preventing the above
attacks, but is not sufficient nor required to prevent the above
attacks.  Security is end-to-end.

[Book recommendation: a defacto standard text for both the beginner
 and experienced security expert is Bruce Schneier's "Secrets and
 Lies: digital security in a networked world"; 2000; Wiley; ISBN
 0-471-25311-1.  In the preface, Schneier states that his intent on
 publishing this book is to correct the view, which he presented in
 his classic "Applied Cryptography", that tools strong auth alone, are
 sufficient to prevent the above and other attacks.] 

*Properly implemented* digital certificate based auth is better than
MAC auth.  I have real doubts about service provider's ability to
properly implement digital certificate infrastructures for a public
network.  The cost of these infrastructures is enormous.  People have
been trying to build them for the last ten years and, as far as I
know, no one has succeeded yet.  In the early 1990's we all believed
that client-side certificates for secure web access, email, etc. would
be widely deployed by 1997 at the latest.  However, it didn't work out
and we still use %@&?@*# password authentication for access to public
network elements instead of digital certificates.  Password auth is even
weaker than MAC auth.

In any case, this could very well shape up to be a long and boring
argument -- one I would really not like to participate in, as I am no
longer a security maven.  I wouldn't be suprised if people on one of
the security lists would be willing to discuss.

My recommendation would be:

1) For the copper point-to-point portions of IEEE 802.3ah, any
   encryption not be a required part of the standard,

2) For the EPON portions of the standard, any encryption should leverage
   existing standards (we have so many of them already, one of them
   might actually work.)



good luck,
fletcher