No, that is not caused by the unauthenticated protocol, but by
the same device being used with two different doors. Even if the
device did full authentication and verified that the door is
in its list of doors which can be opened, an attacker could still do the
same thing.
The only way to get rid of that would be to either put a display on the
device telling which door responded, or put multiple buttons on the
device, and you would have to bind each button to exactly one door
(i.e. each button using a separate key or shared secret).
And no, you do not even need a man in the middle in the cryptographic
sense; just rerouting the packets from the air to the other
destination would be enough.
So for that kind of use the device would need to be tied to exactly
one door...
What you're saying is that to secure this system, we need authentication
of the device, either at the IKE level or at the application level (plus
UI improvements). I agree, and suggest again that this is not a good use
case for null or one-way authentication.
Not really authentication of the devices, but at least an indication
in the protocol of which device the command being sent concerns.
And an ability for the device to understand who it is (garage or kitchen).
That is cheaper than mutual authentication.
Regards,
Valery.
Thanks,
Yaron
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec