Interesting People mailing list archives
SSL would prevent it, Re: Internet security flaw exposes private data
From: David Farber <dave () farber net>
Date: Sun, 17 Jan 2010 12:38:07 -0500
Begin forwarded message: From: "Ed Gerck, Ph.D." <egerck () nma com> Date: January 17, 2010 12:05:18 PM EST To: dave () farber net Cc: ip <ip () v2 listbox com> Subject: SSL would prevent it, Re: [IP] Internet security flaw exposes private data [Dave: For IP, with your consideration] The sky is not falling. With at least one authenticated end-point (the end-point server, as usual), SSL would NOT allow a AT&T caching server that sits in-between to have had a "correct" SSL session between the wrong two end-points. See A. Menezes et al., /Handook of Applied Cryptography/, CRC Press, New York, 1997. This statement is true even if the AT&T caching server is able not only to modify packets but also to drop incoming packets and insert its own packets at will into the traffic, and do so in two-way communication without delay, becoming an active man-in-the-middle (which a passive, caching server is not). This should not be confused with a phishing attack, where the end-user is tricked to go to (for example) paypal.fraud.com instead of paypal.com -- and the server end-point is already wrong, or a "bridge" attack where (without noticing it) the user goes to the wrong server before SSL starts -- and stays there after SSL starts. The second user did reach facebook.com and this would have been enough under one-point authenticated SSL to prevent the first user session to be hijacked (which is what happened) as it would not have the correct session keys. Best regards, Ed Gerck www.gerck.com
*From:* Dave CROCKER <dhc2 () dcrocker net <mailto:dhc2 () dcrocker net>> It's probably important to bust this popular myth: regular SSL use would have done nothing for preventing or resolving this problem. Typical use of SSL provides privacy from wiretapping, but does not prevent misdirection of the connection during setup. If AT&T was misdirection initial connection setup, then that connection setup would merely have had a "correct" SSL session between the wrong two end-points.
------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- SSL would prevent it, Re: Internet security flaw exposes private data David Farber (Jan 17)