I wonder if we need to talk about RFC 4739 here? like:
If multiple authentication exchanges [RFC 4739] are required
for the IKE SA, the IKE SA MUST rekey before sending the second
IKE_AUTH exchange in response to the initial IKE_AUTH's
ANOTHER_AUTH_FOLLOWS
payload to avoid exposing the second authentication form to a quantum
capable attacker.
But this would really complicate the state machine?
You can't do it. There is a single IKE_AUTH exchange with multiple messages
(like in EAP case). You can't do any rekeys until the IKE_AUTH exchange
(which in case of RFC4739 includes multiple authentications) completes.
We can't, you prefer not to?
You _can_ protect the identities of the second authentication if you
would first rekey. I agree it is tricky in a state machine because right
now it is easy to state an unauthenticated IKE SA can never rekey. But
it is possible. It might not be worth the complication.
Well, _technically_ you can do it. But you can't do it if you follow IKEv2
rules.
Because in case of multiple authentications there is no multiple IKE_AUTH
exchanges,
there is a single IKE_AUTH exchange with multiple rounds [1], and you suggest
to insert a new exchange in the middle of the running IKE_AUTH exchange.
It is not state machine issue, it would be violating of very basic IKEv2 rules: you cannot perform
any actions on IKEv2 SA until the IKE_AUTH exchange completes successfully, you cannot
run multiple exchanges if your window size is 1, etc.
Reductio ad absurdum: technically you can rekey right after IKE_SA_INIT
completes,
no need to wait for IKE_AUTH :-)
[1] At least it is my reading of RFC4739. Actually, it is not very explicit
about this,
but the phrase from it "The IKE_AUTH phase is considered successful only if all the individual
authentication exchanges complete successfully." seems to imply that IKE_AUTH phase
cannot be interrupted with any other exchanges.
Regards,
Valery.
Paul
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
