Completion of a Light-weight Security Scheme for iSCSI

Prepared by They Yu ShuLee Ern Yu

Outline Motivation Previous Work Remaining Issues Improvement

Motivation Current security schemes for iSCSI:

IPsec File System Based Encryption (NTFS, EXT3 and etc.) CHAP, Kerberos, SRP

Current security schemes doesn’t worked well on mobile devices. Limited processing power and resources Frequently changes of IP address May not support IPsec or file system that provide

data protection mechanism

Previous Work Embedded a light-weight encryption

scheme using Dragon Encryption algorithm and HMAC-SHA256 into iSCSI layer

Data transfer between initiator and target are secured.

Performance

00.10.20.30.40.5

512 1024 2048 4096 8192

Block Size (Byte)

iSCSI

iSCSI + IPsec

Our ProposedSolution

Remaining Issues Phase 1 Authentication and Key

Exchange? Dragon is a symmetric key encryption

algorithm The default authentication scheme (CHAP)

does not secure enough

1. After the Link Establishment phase is complete, the authenticator sends a “challenge” message to the peer.

2. The peer responds with a value calculated using a “one-way hash” function.

3. The authenticator checks the response against its own calculation of the expected hash value. If the values match, the authentication is acknowledged; otherwise the connection SHOULD be terminated.

4. At random intervals, the authenticator sends a new challenge to the peer, and repeats steps 1 to 3.

Authenticator

Peer

Challenge

Respond

Accept or Reject

Code Identifier Length

Data …

Figure 1: A captured CHAP Challenge packet Figure 2: A captured CHAP response packet

Information we gathered so far Username Server name Client and server IP The ID used to compute response Challenge and associated response

Try dictionary Attack

Requirement in RFC 1994:- The client MUST answer any challenge it receives

ServerUser Attacker

Challenge

Response

Accept

Challenge

Challenge

Response

Response

Accept

Improvement Propose to use EC-SRP (Elliptic Curve

Cryptography - Secure Remote Password) in the In-Band Initiator-Target Authentication phase.

SRP to EC-SRP A password authentication and key exchange

protocol. SRP (Secure Remote Password) is already used

for iSCSI Authentication EC-SRP is SRP implementation using ECC (Elliptic

Curve Cryptography) EC-SRP need lesser amount of processing power.

Further enhance the research paper “A Lightweight Virtual Storage Security Scheme for Mobile Devices” Propose to use EC-SRP (Elliptic Curve Cryptography -

Secure Remote Password) in the In-Band Initiator-Target Authentication phase.

Comparison between various type of Secure Remote Password (SRP) with EC-SRP

Bruce Schneier and Mudge. Cryptoanalysis of Microsoft’s Point-to-Point Tunneling Protocol (PPTP) .

An implementation of the attack described in this paper. http://stealth.7350.org/7350pppd.tgz .

J. Satran, K. Meth, C. Sapuntzakis, M. Chadalapaka, E. Zeidner.: Internet Small Computer Systems Interface (iSCSI), Request For Comments 3720, April 2004.

A. Menezes and S.A. Vanstone. Elliptic curve cryptosystems and their implementations. Journal of Cryptology, 6(4):209{224, 1993.

D. Jablon. Extended password methods immune to dictionary attack. In WETICE '97 Enterprise Security Workshop, Cambridge, MA, June 1997.

End