CHAP and iscsi security


Andy Grover

Sep 12, 2012, 11:30:00 AM
to open-iscsi
Hi Mike and everyone,

CHAP is a weak authentication method, and all traffic is sent
unencrypted (unless using IPSec).

Do people use CHAP? Or does its weakness not matter because it's just
used to ensure the wrong initiator doesn't accidentally connect to a target?

Does anyone use IPSec?

In the absence of IPSec should we at least be advocating full-volume
encryption on luns?

Thanks -- Andy

Vanush "Misha" Paturyan

Sep 12, 2012, 2:38:19 PM
to open-...@googlegroups.com
If the data is sensitive/private/confidential it should be encrypted
regardless of its location (iSCSI LUN or a local hard drive). It's worth
reminding yourself that an iSCSI LUN is physically "not in your computer"
and if you don't trust the network you're on - then you need to encrypt
everything.

Misha




Paul_...@dell.com

Sep 12, 2012, 12:11:04 PM
to open-...@googlegroups.com
Andy,

I disagree with your blanket assertion that CHAP is a weak authentication method. It's strong if the password is a random string, or otherwise strong enough to resist searching attacks. Note that the iSCSI standard requires the use of distinct CHAP secrets for the two directions, if mutual authentication is used, so the reflection attack that classic CHAP suffers from does not apply in iSCSI and cannot work there.

Yes, the traffic is sent in the clear after that. Any protocol that doesn't encrypt the data phase is exposed to eavesdropping and connection hijacking. When you make security decisions about distributed systems, you have to consider the set of possible attacks and decide which ones you need to protect against, and which ones you choose to leave not covered.

CHAP protects against impersonation. It's not just for accidental misconnection, it also handles intentional misconnection, provided that the attacker is not able to perform connection hijacking.

Yes, some iSCSI implementations support IPsec. It remains to be seen whether anyone actually turns it on.

Data at rest encryption is a completely different service that covers a completely different set of attacks. If you mean volume encryption done at the initiator, it protects against eavesdropping but not against data modification; for that you need mechanisms that keep the wrong initiators from connecting, as CHAP does.

paul
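
An added example, not part of the message above or of open-iscsi: a simplified Python model of the RFC 1994 CHAP-MD5 computation, showing why using distinct secrets for the two directions matters under mutual authentication. The `Peer` class, the helper names, the sample secrets and the 16-byte secret length are assumptions of this example.

```python
import hashlib
import hmac
import secrets


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    # RFC 1994 with MD5: hash over identifier octet, then secret, then challenge.
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Peer:
    """One side of a mutual-CHAP login (simplified model, not an iSCSI stack)."""

    def __init__(self, my_secret: bytes, peer_secret: bytes):
        self.my_secret = my_secret      # proves this side's identity
        self.peer_secret = peer_secret  # checks the other side's proof
        self.sent = None                # (identifier, challenge) last issued

    def challenge(self):
        self.sent = (secrets.randbelow(256), secrets.token_bytes(16))
        return self.sent

    def respond(self, identifier: int, challenge: bytes) -> bytes:
        return chap_response(identifier, self.my_secret, challenge)

    def verify(self, response: bytes) -> bool:
        identifier, challenge = self.sent
        expected = chap_response(identifier, self.peer_secret, challenge)
        return hmac.compare_digest(expected, response)


def legit_login_ok(initiator: Peer, target: Peer) -> bool:
    # Normal case: the target challenges, the initiator answers with its secret.
    return target.verify(initiator.respond(*target.challenge()))


def reflection_accepted(target: Peer) -> bool:
    # A party holding no secret hands the target's own challenge back to it
    # (as the reverse-direction challenge) and returns the answer it gets.
    identifier, chal = target.challenge()
    return target.verify(target.respond(identifier, chal))


def new_secret(nbytes: int = 16) -> str:
    # Random secret from the OS CSPRNG; the length is this example's assumption.
    return secrets.token_hex(nbytes)


if __name__ == "__main__":
    same = Peer(b"shared-constructed", b"shared-constructed")
    split = Peer(b"target-constructed", b"initiator-constructed")
    print(reflection_accepted(same), reflection_accepted(split))
```

With one secret shared by both directions the echoed response verifies; with a separate secret per direction it does not, while a normal login still succeeds either way.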

Andy Grover

Sep 12, 2012, 5:52:09 PM
to open-...@googlegroups.com
On 09/12/2012 09:11 AM, Paul_...@Dell.com wrote:
> On Sep 12, 2012, at 11:30 AM, Andy Grover wrote:
>> CHAP is a weak authentication method, and all traffic is sent
>> unencrypted (unless using IPSec).
>>
>> Do people use CHAP? Or does its weakness not matter because it's
>> just used to ensure the wrong initiator doesn't accidentally
>> connect to a target?

> I disagree with your blanket assertion that CHAP is a weak
> authentication method. It's strong if the password is a random
> string, or otherwise strong enough to resist searching attacks. Note
> that the iSCSI standard requires the use of distinct CHAP secrets for
> the two directions, if mutual authentication is used, so the
> reflection attack that classic CHAP suffers from does not apply in
> iSCSI and cannot work there.

Hi Paul,

Thanks for your lengthy response to my prior email :)

To the degree that good passwords are used, you'd say CHAP is fine for
secure authentication? Does the MS-CHAPv2 vulnerability[1] apply to
either the standard or mutual CHAP auth that the iSCSI RFC defines?

Thanks -- Regards -- Andy

[1] http://technet.microsoft.com/en-us/security/advisory/2743314

Paul_...@dell.com

Sep 13, 2012, 9:54:52 AM
to open-...@googlegroups.com
Yes, it does. What's described there is in fact not a CHAP deficiency, but rather an obvious property of any protocol that does connect-time authentication but not full data phase cryptographic data origin authentication. As I said before, if you send data in the clear, you are relying on the assumption that there is no connection hijacking and no eavesdropping in the network. The vulnerability that MS describes is an example of that: they state that an unencrypted data connection is vulnerable to connection hijacking (man in the middle). Well, yes, of course it is. The fact that the cleartext connection is authenticated with CHAP, or with something else, or not at all, has nothing to do with that fact.

If you believe that connection hijacking and/or man in the middle and/or eavesdropping on the data phase is something you have to defend against, then you need IPsec.

paul


Ulrich Windl

Sep 18, 2012, 7:45:42 AM
to open-iscsi
>>> Andy Grover <agr...@redhat.com> wrote on 12.09.2012 at 17:30 in message
<5050AA78...@redhat.com>:
Hi!

Volume encryption may protect your data from disclosure and directed manipulation, but it won't protect your data from random corruption (via connection hijacking).
CHAP can prevent unauthorized connections to the iSCSI target, not more. Still that's much more security than authenticating by IP address. (MHO)

Regards,
Ulrich
