Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

SSL would prevent it, Re: Internet security flaw exposes private data

From: David Farber <dave () farber net>
Date: Sun, 17 Jan 2010 12:38:07 -0500


Begin forwarded message:

From: "Ed Gerck, Ph.D." <egerck () nma com>
Date: January 17, 2010 12:05:18 PM EST
To: dave () farber net
Cc: ip <ip () v2 listbox com>
Subject: SSL would prevent it, Re: [IP] Internet security flaw exposes private data

[Dave: For IP, with your consideration]

The sky is not falling.

With at least one authenticated end-point (the end-point server, as usual), SSL would NOT allow a AT&T caching server 
that sits in-between to have had a "correct" SSL session between the wrong two end-points. See A. Menezes et al., 
/Handook of Applied Cryptography/, CRC Press, New York, 1997.

This statement is true even if the AT&T caching server is able not only to modify packets but also to drop incoming 
packets and insert its own packets at will into the traffic, and do so in two-way communication without delay, becoming 
an active man-in-the-middle (which a passive, caching server is not).

This should not be confused with a phishing attack, where the end-user is tricked to go to (for example) 
paypal.fraud.com instead of paypal.com -- and the server end-point is already wrong, or a "bridge" attack where 
(without noticing it) the user goes to the wrong server before SSL starts -- and stays there after SSL starts. The 
second user did reach facebook.com and this would have been enough under one-point authenticated SSL to prevent the 
first user session to be hijacked (which is what happened) as it would not have the correct session keys.

Best regards,
Ed Gerck
www.gerck.com


*From:* Dave CROCKER <dhc2 () dcrocker net <mailto:dhc2 () dcrocker net>>

It's probably important to bust this popular myth:  regular SSL use would have done nothing for preventing or 
resolving this problem.

Typical use of SSL provides privacy from wiretapping, but does not prevent misdirection of the connection during 
setup.

If AT&T was misdirection initial connection setup, then that connection setup would merely have had a "correct" SSL 
session between the wrong two end-points.






-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: