[strongSwan] OS X/iOS clients with XAUTH

Martin Willi martin at strongswan.org
Mon Feb 4 10:24:46 CET 2013


Hi Brian,

> I'm finding that clients drop after 45 minutes because the client
> wants to rekey, but doesn't expect to have to perform XAUTH
> authentication again.

Yes, that's a known issue with iOS clients. I didn't know the same
applies to OS X, though.

> sending an OK status immediately instead of a request for
> authentication works. I don't particularly care that XAUTH
> authentication never occurs in this case because I'd be using pure RSA
> if OS X would let me get away with it.

If you do not rely on XAUTH, this is fine. However, other users do the
opposite; they don't rely on RSA (but just use it to securely
authenticate the gateway), and then fully rely on XAuth password
authentication. The private key is considered "public" in such a setup,
but we still have a good level of security (compared to XAUTH+PSK, for
example).

Just skipping XAuth during reauthentication is not really an option
then: There is no cryptographic binding between the old and the new
ISAKMP SA. An attacker could hijack such a connection if it has the
private key.

> Is there any interest in a cleaner patch for this "fake XAUTH" mode?

When I find some time during the next weeks, I'll try to have a look at
it. Maybe there is another way we can trick iOS into surviving that
rekeying procedure.

Regards
Martin
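For readers who want to see the two authentication modes Martin contrasts side by side, here is an added ipsec.conf sketch (it is not part of this thread or of strongSwan's own documentation). It assumes a gateway certificate file gatewayCert.pem, a client address pool 10.10.0.0/24 and a connection name ios-xauth-rsa; all of those names are made up for the example, and it does not address the 45-minute rekeying problem discussed above.

```ini
# Added example: RSA-authenticated gateway plus XAuth password for the client.
# Connection name, certificate file and address pool are assumptions.
conn ios-xauth-rsa
    keyexchange=ikev1
    # the gateway proves its identity with its RSA certificate
    leftcert=gatewayCert.pem
    leftauth=pubkey
    leftsubnet=0.0.0.0/0
    # the client presents an RSA credential too, but in the setup described
    # in the thread that key may be shared, so it is treated as "public";
    # the actual user authentication is the XAuth round in rightauth2
    right=%any
    rightauth=pubkey
    rightauth2=xauth
    rightsourceip=10.10.0.0/24
    auto=add

# Weaker variant mentioned in the thread: a PSK instead of RSA for the gateway,
# so anyone who learns the shared secret can also impersonate the gateway.
conn ios-xauth-psk
    keyexchange=ikev1
    leftauth=psk
    leftsubnet=0.0.0.0/0
    right=%any
    rightauth=psk
    rightauth2=xauth
    rightsourceip=10.10.0.0/24
    auto=add
```

The matching ipsec.secrets would carry an `: RSA` entry for the gateway key (and a `%any : PSK` entry for the second connection) plus one `user : XAUTH "password"` line per client account; those entries are omitted here because their values are site-specific. The point Martin makes applies to the first connection: because the client RSA key is not secret, skipping the XAuth exchange on re-authentication would let anyone holding that key take over the session, since nothing ties the new ISAKMP SA to the old one.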