WPA2 bugz - One Man's Quick & Dirty Response
Benjamin Kaduk
kaduk at mit.edu
Wed Oct 18 22:49:06 UTC 2017
I fear I must wade into this thread, despite it being thick with FUD.
On Wed, Oct 18, 2017 at 07:27:42PM +0200, WhiteWinterWolf (Simon) wrote:
> Hi Ronald,
>
> > On 18/10/2017 at 06:00, Ronald F. Guilmette wrote:
> >
> > In message <49252eda-3d48-f7bc-95e7-db716db4ed91 at whitewinterwolf.com>,
> > "WhiteWinterWolf (Simon)" <freebsd.lists at whitewinterwolf.com> wrote:
> >
> >> Ideally, you would use a specific protection for each of these layers,
> >> so that a vulnerability affecting one layer would be compensated by
> >> other layers.
> >
> > A good point.
> >
> > Right about now, I wish that I knew one hell of a lot more about both
> > NFS and SMB than I do... and also SSH and TLS. I suspect that the
> > file sharing protocols I am most concerned about (NFS & SMB) could
> > perhaps be run in a manner such that both initial volume mounts and
> > also data blocks (to & from) the share volumes would be additionally
> > encrypted, so that I could be running everything securely, even if
> > some attacker managed to do maximally evil things to my WiFi/WPA2
> > network.
> >
> > Do NFS and/or SMB have their own built-in encryption?
>
> No, not really.
>
> NFS has no built-in encryption; it may be possible to tunnel it, but this
> is out of scope here (using a VPN and tunnelling everything would be easier
> than nitpicking and tunnelling only the NFS data flow).
This statement is either false or highly misleading. NFS (both v3 and v4)
is an RPC protocol, and RPCSEC_GSS exists and can provide per-message
confidentiality protection. It may be true that Kerberos is basically
the only GSS-API mechanism implemented for RPCSEC_GSS, and the necessary
Kerberos setup is far more painful to set up than it needs to be,
but all modern NFS implementations support it.
> SMB has no widely compatible encryption:
>
> - Microsoft has built its own, proprietary encryption available and
> compatible only with the latest Windows versions.
> - Open source implementations rely on TLS, natively supported by some
> clients but requiring (AFAIK) `stunnel` server-side.
I am not a SMB/CIFS expert, but (e.g.)
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508 seems to
indicate that "proprietary" is false, and does not give much support
to the claim that it requires TLS. (I believe in-kernel TLS support
had not landed by June, when Xenial was getting its fix.)
I am aware that this is a FreeBSD list and the offerings on FreeBSD
for SMB are somewhat limited, but you did not scope your statement
to FreeBSD and so neither do I.
-Ben
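The RPCSEC_GSS point above, made concrete as an added example (not code from the thread, nor from FreeBSD or Linux): the export and mount settings that request the Kerberos privacy flavor (krb5p), plus a small check that a mounted share actually negotiated krb5p instead of a weaker flavor. Hostnames, paths and the network are hypothetical placeholders.

```sh
#!/bin/sh
# Added example: enforcing RPCSEC_GSS per-message confidentiality on NFS
# and verifying it on the client.  Hypothetical hosts, paths and network.
#
# Server side, FreeBSD exports(5) syntax (gssd must be running, e.g.
# gssd_enable="YES" in rc.conf):
#   /export/data -sec=krb5p -network 192.0.2.0 -mask 255.255.255.0
# Linux exports(5) equivalent:
#   /export/data 192.0.2.0/24(rw,sec=krb5p)
# sec=krb5 only authenticates, krb5i adds integrity; only krb5p encrypts
# the RPC payload.  Offering "-sec=sys:krb5p" lets a client choose the
# unprotected flavor, which is why the mount-side check below exists.
#
# Client side (FreeBSD; Linux uses -t nfs4 with the same sec= option):
#   mount -t nfs -o nfsv4,sec=krb5p server.example.net:/export/data /mnt/data

# Classify one mount's option string (as seen in /proc/mounts on Linux
# or "nfsstat -m" on FreeBSD) by the strongest GSS service it carries.
# Prints one of: privacy, integrity, auth, none.
nfs_sec_level() {
    case ",$1," in
        *,sec=krb5p,*) echo privacy ;;
        *,sec=krb5i,*) echo integrity ;;
        *,sec=krb5,*)  echo auth ;;
        *)             echo none ;;
    esac
}

# Read /proc/mounts-style lines on stdin; return 0 only if every NFS mount
# negotiated krb5p, otherwise print the weak mounts and return 1.
check_mounts_private() {
    rc=0
    while read -r src mnt fstype opts rest; do
        case "$fstype" in nfs|nfs4) ;; *) continue ;; esac
        if [ "$(nfs_sec_level "$opts")" != privacy ]; then
            printf 'WEAK: %s on %s (%s)\n' "$src" "$mnt" "$opts"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample in /proc/mounts format: one encrypted share, one
# that silently fell back to sec=sys, and a local filesystem to skip.
SAMPLE_MOUNTS='server.example.net:/export/data /mnt/data nfs4 rw,sec=krb5p,vers=4.1 0 0
server.example.net:/export/old /mnt/old nfs4 rw,sec=sys,vers=4.1 0 0
/dev/ada0p2 / ufs rw 0 0'

# Real use on Linux: check_mounts_private < /proc/mounts
printf '%s\n' "$SAMPLE_MOUNTS" | check_mounts_private \
    || echo "at least one NFS mount is not using krb5p"
```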