Bugtraq mailing list archives
Re: "The End of SSL and SSH?"
From: Ryan Russell <ryan () SECURITYFOCUS COM>
Date: Wed, 20 Dec 2000 20:39:22 -0800
First Pedantic! On Wed, 20 Dec 2000, Crispin Cowan wrote:
What Kurt is describing is the "initial key placement" problem, and it is endemic to all cryptographic protocols. No matter what you do, if you want to authenticate some remote party with a cryptographic secret, you must find some way to deliver the secret to the other party securely, or you end up subject to the man-in-the-middle attack. Your crypto system is not a viable option, because by definition the keys that make it work are not in place yet. You can think of it as a requirement for a secure "introduction", in the Victorian sense.
Secret isn't the right word. In order for a crypto key exchange to not be vulnerable to a MITM attack, there must be some bit of info that the two participants share. It's easy to see how it works with a secret. SSL style certificates are the best (most practical so far) example of a non-secret bit of info that has been pre-shared (you download it with your browser binaries.) Everyone knows the Verisign public key. You could put that bit of the SSL protocol into SSH without much trouble. I kinda question how safe a private key will be on a box you've got people SSHing into, though. How about having an SSH master domain server thingy? The first time you SSH into the "main" box for a site, all of the SSH server keys for that site get shot down to your SSH client. Only one opportunity for the MITM attack that way, as opposed to how ever many servers you've got. That would even make manual distribution of a chunk of keys more palatable. Or you could PGP sign the block of them. Or get a CA to sign a block of them. Ryan
Current thread:
- Re: sshmitm, webmitm, (continued)
- Re: sshmitm, webmitm Boris Lorenz (Dec 21)
- "The End of SSL and SSH?" Perry E. Metzger (Dec 20)
- Re: "The End of SSL and SSH?" Kurt Seifried (Dec 19)
- Re: "The End of SSL and SSH?" Perry E. Metzger (Dec 19)
- Re: "The End of SSL and SSH?" Stefan Monnier (Dec 20)
- Re: "The End of SSL and SSH?" Brett Glass (Dec 20)
- Re: "The End of SSL and SSH?" Crispin Cowan (Dec 20)
- Re: "The End of SSL and SSH?" Ajax (Dec 20)
- Re: "The End of SSL and SSH?" Eric Rescorla (Dec 21)
- Re: "The End of SSL and SSH?" Kurt Seifried (Dec 19)
- Re: "The End of SSL and SSH?" Damien Miller (Dec 21)
- Re: "The End of SSL and SSH?" Ryan Russell (Dec 21)
- Re: "The End of SSL and SSH?" Michael H. Warfield (Dec 20)
- Re: "The End of SSL and SSH?" Perry E. Metzger (Dec 21)
- Re: "The End of SSL and SSH?" Eric Rescorla (Dec 21)
- Re: "The End of SSL and SSH?" Samuele Giovanni Tonon (Dec 21)
- Re: "The End of SSL and SSH?" - mongo followup Kurt Seifried (Dec 24)
- Re: "The End of SSL and SSH?" Darren Reed (Dec 21)