170 likes | 269 Views
Completion of a Light-weight Security Scheme for iSCSI. Prepared by They Yu Shu Lee Ern Yu. Outline. Motivation Previous Work Remaining Issues Improvement. Motivation. Current security schemes for iSCSI: IPsec File System Based Encryption (NTFS, EXT3 and etc.) CHAP, Kerberos, SRP
E N D
Completion of a Light-weight Security Scheme for iSCSI Prepared by They Yu Shu Lee Ern Yu
Outline Motivation Previous Work Remaining Issues Improvement
Motivation Current security schemes for iSCSI: IPsec File System Based Encryption (NTFS, EXT3 and etc.) CHAP, Kerberos, SRP Current security schemes doesn’t worked well on mobile devices. Limited processing power and resources Frequently changes of IP address May not support IPsec or file system that provide data protection mechanism
Previous Work Embedded a light-weight encryption scheme using Dragon Encryption algorithm and HMAC-SHA256 into iSCSI layer Data transfer between initiator and target are secured.
Remaining Issues Phase 1 Authentication and Key Exchange? Dragon is a symmetric key encryption algorithm The default authentication scheme (CHAP) does not secure enough
ATTACKING challenge-Handshake authentication protocol (Chap)
Challenge-Handshake Authentication Protocol • After the Link Establishment phase is complete, the authenticator sends a “challenge” message to the peer. • The peer responds with a value calculated using a “one-way hash” function. • The authenticator checks the response against its own calculation of the expected hash value. If the values match, the authentication is acknowledged; otherwise the connection SHOULD be terminated. • At random intervals, the authenticator sends a new challenge to the peer, and repeats steps 1 to 3. Challenge Authenticator Peer Respond Accept or Reject
Figure 2: A captured CHAP response packet Figure 1: A captured CHAP Challenge packet Code Identifier Length Data …
Attack Method 1 • Information we gathered so far • Username • Server name • Client and server IP • The ID used to compute response • Challenge and associated response • Try dictionary Attack
Attack Method 2 • Requirement in RFC 1994:- • The client MUST answer any challenge it receives Challenge Challenge Challenge Response Response Response Accept Accept
Improvement • Propose to use EC-SRP (Elliptic Curve Cryptography - Secure Remote Password) in the In-Band Initiator-Target Authentication phase.
SRP to EC-SRP • A password authentication and key exchange protocol. • SRP (Secure Remote Password) is already used for iSCSI Authentication • EC-SRP is SRP implementation using ECC (Elliptic Curve Cryptography) • EC-SRP need lesser amount of processing power.
Ongoing Work • Further enhance the research paper “A Lightweight Virtual Storage Security Scheme for Mobile Devices” • Propose to use EC-SRP (Elliptic Curve Cryptography - Secure Remote Password) in the In-Band Initiator-Target Authentication phase. • Comparison between various type of Secure Remote Password (SRP) with EC-SRP
References • Bruce Schneier and Mudge. Cryptoanalysis of Microsoft’s Point-to-Point Tunneling Protocol (PPTP) . • An implementation of the attack described in this paper. http://stealth.7350.org/7350pppd.tgz . • J. Satran, K. Meth, C. Sapuntzakis, M. Chadalapaka, E. Zeidner.: Internet Small Computer Systems Interface (iSCSI), Request For Comments 3720, April 2004. • A. Menezes and S.A. Vanstone. Elliptic curve cryptosystems and their implementations. Journal of Cryptology, 6(4):209{224, 1993. • D. Jablon. Extended password methods immune to dictionary attack. In WETICE '97 Enterprise Security Workshop, Cambridge, MA, June 1997.