Re: Closing on shared-key authentication

Marc VanHeyningen wrote:
> > - The only security reason for including password auth in TLS is
> >   that it gains stronger security by having access to strong crypto
> >   in the export case.  I don't think we should include features this
> >   major based solely on brain-damaged US export regulations that
> >   will hopefully soon change.
> Seems to me that's only if you assume the best way to secure password
> auth is to just encrypt the password, as opposed to using other
> more sophisticated methods.

No, you should certainly do something more than just send the password
encrypted.  You should avoid sending the password at all, encrypted or
otherwise.  Some sort of challenge/response mechanism would be
appropriate, but you are protected from eavesdroppers if you encrypt
the data.

> It also is true only if you're willing to accept authentication that
> is dependent upon the security of the encryption; some people feel
> this is undesrable for reasons having nothing to do with export
> regulations.

Do you suggest that the encryption (even 40-bit) is the weak link in
this scheme?  I don't think so.  While there may be some advantages to
be gained by moving the dependency up to the security of the key
exchange from that of the bulk cipher, I don't think they outweigh the

You should only break rules of style if you can    | Tom Weinstein
coherently explain what you gain by so doing.      |

Received on Friday, 11 October 1996 13:52:13 UTC