Better-than-nothing security

Introduction

Better-than-nothing security (BTNS) is IPsec with anonymous public keys. Like ordinary IPsec it can be used to secure communication between hosts or networks by providing confidentiality, integrity and replay protection. However, instead of strong authentication BTNS provides continuity of association, guaranteeing that we're still speaking to the same party as we did when the conversation started.

BTNS uses anonymous public keys sent directly from the peer. These keys might be verified against a locally stored key, but if the configuration allows it we can just accept the public key and go on to the next step, asking the peer to prove that it has the corresponding private key.

BTNS might be useful in combination with an earlier project, Using DNS for IPsec authentication. For example, one might want to fall back to BTNS when no IPSECKEY record is found.

The implementation of BTNS in iked was sponsored by the .SE Foundation during 2012.

Code

I work with OpenBSD's iked daemon. The patches below applies to OPENBSD_5_1.

Patch: Support for raw RSA keys, 2012-08-31.

This makes iked able to use raw RSA keys. It sends a raw RSA keys as the CERT payload and the receiving peer validate the key against a locally stored trusted public key for the sending peer.

Patch: Support for "btns" keyword and fingerprint search.

This patch includes the above patch. It adds the additional "btns" keyword per policy, like this:

set certreq rawrsa
ikev2 active esp from 10.0.0.4 to 10.0.0.6 srcid ipsec1.hack.org btns

When a peer sends its public key and we can't find it's ID, this patch coerces the ID type to PUBLICKEY and computes the fingerprint of the public key and looks for a file named after the fingerprint in "pubkeys/fp". If that isn't found either we look for a special BTNS wildcard.

Please observe: BTNS support is still experimental.

Helper program rsafp. This is a small program to print fingerprints of the RSA keys.

Documentation

The manual pages for iked.conf are updated.

Using iked with raw RSA keys and/or BTNS.

Slides from presentation at FSCONS 2012.

References


Last updated: <2015-08-17 09:48:22 CEST>