On 07/29/2014 07:36 AM, Tero Kivinen wrote: > Martin Thomson writes: >> 4. Able to access peer authentication credentials (often in >> combination with 3) > > This one is quite hard in practice, and will depend a lot about the > actual protocol we select. In the tcpcrypt there is no way to do > authentication, so there cannot be any authenticated credentials > there.
I think this is a misunderstanding of what tcpcrypt offers.
tcpcrypt offers a shared-secret session ID that should be unique across
all tcpcrypt sessions ever. This is the equivalent to a tls-unique
(assuming that tls-unique actually worked properly [0]).
With such a shared secret, any number of authentication hooks are
possible, including:
0) transmitting a signature over the shared secret by an asymmetric key
(the public key could be embedded in a certificate).
1) transmitting a cryptographic digest H(session_id||PSK) for some
pre-shared key PSK to prove posession of the PSK
So I think "no way to do authentication" is not an accurate way to
describe what tcpcrypt offers.
--dkg
[0] https://secure-resumption.com/
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Tcpinc mailing list Tcpinc@ietf.org https://www.ietf.org/mailman/listinfo/tcpinc
