[Search] [txt|pdfized|bibtex] [Tracker] [Email] [Nits]

Versions: 00 01 02 03                                                   
Network Working Group                                         V. Smyslov
Internet-Draft                                                ELVIS-PLUS
Intended status: Informational                         December 24, 2013
Expires: June 27, 2014


            The NULL Authentication Method in IKEv2 Protocol
                draft-smyslov-ipsecme-ikev2-null-auth-00

Abstract

   This document defines the NULL Authentication Method for IKEv2
   Protocol.  This method provides a way to omit peer authentication in
   IKEv2 and to explicitely indicate it in the protocol run.  This
   method may be used to preserve anonymity or in situations, where no
   trust relationship exists between the parties.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on June 27, 2014.

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.



Smyslov                   Expires June 27, 2014                 [Page 1]


Internet-Draft             NULL Auth in IKEv2              December 2013


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 3
     1.1.  Conventions Used in This Document . . . . . . . . . . . . . 3
   2.  Using NULL Authentication Method  . . . . . . . . . . . . . . . 4
     2.1.  Authentication Payload  . . . . . . . . . . . . . . . . . . 4
     2.2.  Identity Payload  . . . . . . . . . . . . . . . . . . . . . 4
   3.  Security Considerations . . . . . . . . . . . . . . . . . . . . 5
   4.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6
   5.  Normative References  . . . . . . . . . . . . . . . . . . . . . 7
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . . . 8








































Smyslov                   Expires June 27, 2014                 [Page 2]


Internet-Draft             NULL Auth in IKEv2              December 2013


1.  Introduction

   The Internet Key Exchange Protocol version 2 (IKEv2), specified in
   [RFC5996], provides a way for two parties to perform authenticated
   key exchange.  Mutual authentication is mandatory in the IKEv2, so
   that each party must be authenticated by the other, but
   authentication methods, used by the peers, need not be the same.

   In some situations mutual authentication is undesirable or
   impossible.  For example:

   o  User wants to get anonymous access to some resource.  In this
      situation he/she should be able to authenticate server, but to
      leave out his/her own authentication to prevent anonymity.  In
      this case one-way authentication is desirable.

   o  Two peers without any trust relationship want to get some level of
      security in their communications.  Without trust relationship they
      cannot prevent active Man-in-the-Middle attacks, but it is still
      possible to prevent passive eavesdropping with opportunistic
      encryption.  In this case they have to perform unauthenticated key
      exchange.

   To meet this needs the document introduces NULL Authentication
   Method, which is effectively a "dummy" method, that provides no
   authentication.  This allows peer to explicitely indicate to the
   other side that he is unwilling or unable to certify his identity.

1.1.  Conventions Used in This Document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].


















Smyslov                   Expires June 27, 2014                 [Page 3]


Internet-Draft             NULL Auth in IKEv2              December 2013


2.  Using NULL Authentication Method

   NULL Authentication Method affects how Authentication and Identity
   Payloads are formed in IKE_AUTH Exchange.

2.1.  Authentication Payload

   Even when peer uses NULL Authentication, the AUTH Payload must still
   be present in IKE_AUTH Exchange and must be properly formed, as it
   cryptographically links IKE_SA_INIT Messages with the other Messages
   sent over IKE SA.

   With NULL Authentication Method the content of AUTH Payload MUST be
   computed using the syntax for pre-shared secret authentication,
   described in Section 2.15 of [RFC5996].  The values SK_pi and SK_pr
   MUST be used as shared secrets for AUTH Payloads generated by
   Initiator and Responder respectively.  Note, that this is exactly how
   content of the two last AUTH Payloads is calculated in case of using
   non-key generating EAP Method (see Section 2.16 of [RFC5996] for
   details).  The field Auth Method MUST be set to <to be assigned by
   IANA>.

2.2.  Identity Payload

   NULL Authentication Method provides no authentication of the party
   using it.  For that reason Identity Payload content cannot be
   verified by the other party and SHOULD be ignored.  It MAY be used
   for the purpose of audit, but it MUST NOT be used for any
   authorization decisions.  As peer identity is meaningless in this
   case, Identification Data MAY be omited from ID Payload, in which
   case ID Type MAY be set to any value.  Implementations supporting
   NULL Authentication Method MUST NOT fail if they receive such "empty"
   ID Payload.


















Smyslov                   Expires June 27, 2014                 [Page 4]


Internet-Draft             NULL Auth in IKEv2              December 2013


3.  Security Considerations

   IKEv2 protocol provides mutual authentication of the peers.  If one
   peer uses NULL Authentication Method, then this peer cannot be
   authenticated by the other side, and it makes authentication in IKEv2
   to become one-way.  If both peers use NULL Authentication method, key
   exchange becomes unauthenticated, that makes it subject to the Man-
   in-the-Middle attack.

   The identity of the peer using NULL Authenticated Method cannot be
   verified by the other side and, therefore, MUST NOT be used neither
   for authorization purposes, nor for policy decisions.  All peers who
   use NULL Authenticated Method should be considered by the other party
   as "guests" and get the least possible privileges.





































Smyslov                   Expires June 27, 2014                 [Page 5]


Internet-Draft             NULL Auth in IKEv2              December 2013


4.  IANA Considerations

   This document defines new value in the "IKEv2 Authentication Method"
   registry:

     <TBA>       NULL Authentication Method













































Smyslov                   Expires June 27, 2014                 [Page 6]


Internet-Draft             NULL Auth in IKEv2              December 2013


5.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC5996]  Kaufman, C., Hoffman, P., Nir, Y., and P. Eronen,
              "Internet Key Exchange Protocol Version 2 (IKEv2)",
              RFC 5996, September 2010.











































Smyslov                   Expires June 27, 2014                 [Page 7]


Internet-Draft             NULL Auth in IKEv2              December 2013


Author's Address

   Valery Smyslov
   ELVIS-PLUS
   PO Box 81
   Moscow (Zelenograd)  124460
   RU

   Phone: +7 495 276 0211
   Email: svan@elvis.ru









































Smyslov                   Expires June 27, 2014                 [Page 8]