May 9th, 2003 04:49 PM
The end of SSL & SSH?
Hereby an article about security and SSL/SSH written by Kurt Seifried.
The basic idea is to use dsniff to grab keys:
I found a forum message pretty well written as a counter agument
Public Key Encryption
There is one fundamental problem with establishing a secure, encrypted connection over the Internet. No matter how you do it, at some point you must initiate the connection over a public and potentially hostile network. Ideally, when two hosts establish a connection, they exchange public keys using a variety of verification processes (Diffie-Hellman being an extremely popular one), and each host properly receives the other's key. Unfortunately, since this must take place over a public and usually insecure network, it is possible for an attacker to intercept the key exchange and subvert it.
What do u think, it is the end or not.
The problem is simply one of the user interface allowing a user to
ignore a security failure. If a remote login utility using a PKI
prompted the user with "host key is not certified, log in anyway?", it
would be no better than SSH implementations. If A kerberized remote
login utility prompted a user with "remote key is incorrect, log in
anyway", it too would be no better.
If this is truly the extent of the flaw Mr. Seifried things requires a
full PKI to fix, I'd like to know why setting isn't a near-complete fix to the "End of SSH" Mr. Seifried predicts.
Personnaly since encryption keys may come in a not encrypted way accross the net during setup, I think the architecture is dangerous.
[shadow] SHARING KNOWLEDGE[/shadow]
May 9th, 2003 04:57 PM
You can't win however. Without a central trusted authority (like the ones for HTTPS), there is no way that a client can know whether a server is genuine. The central trusted authority model introduces a significant admin overhead and is still flawed (people have managed to obtain SSL certificates on others' behalf by social engineering).
What SSH can do is tell you if a server changes its identity, something which should not usually happen. The user can then choose to abort the connection, thus not revealing anything to a man-in-the-middle.
May 9th, 2003 05:33 PM
The classic man in the middle attack. But it is very difficult to pull off as the attacker would have to have control of router or somthing simular.
This is a very complex attack the chances of it happening to anyone of use is very remote. A much bigger problem is an employee with the company who you are send your credit card details to, stealing or copying your details down and then selling them to some else
I\'m a SittingDuck, but the question is \"Is your web app a Sitting Duck?\"
May 9th, 2003 05:53 PM
The security of SSH, PGP, etc relies in the "off-band" validation of the signatures of the exchanged keys. In SSH for example, when you first log on to a remote server, you're prompted with the key-signature of the remote server; in theory, you would validate that signature with the administrator of the server via an "off-band" mean (ie other than the internet; by phone or snail-mail for example). The same holds with PGP public keys; recent PGP even show the key signature as a series of dictionnary words that you can easily read to someone by phone to validate. Of course, most people don't bother validating the keys, hence the security risk, but that's not really the protocol's fault, more of a human error...
Oh, and in the case of SSL (PGP does that in an un-official/decentralised way too though), validity/authenticity of keys is "transitivly verified" by a "web-of-trust". Ex: I, W, trust X who trusts Y, thus, I can trust Y.
Credit travels up, blame travels down -- The Boss
May 20th, 2003 05:02 PM
A very interesting article, thanks Networker for directing me to this post.
When reading about SSL a week ago I was woundering about how these private and public keys could maybe be intercepted. Was interested in useing SSL on my server just as a learning project, I think I would learn more that way, by doing. Though curently seems my server dont suport generating certificate sign requests, so Im looking for other alternitives like freessl and openssl, or a self signed certificate.
A good read thanks for posting.
May 20th, 2003 05:04 PM
[shadow] SHARING KNOWLEDGE[/shadow]
May 20th, 2003 05:24 PM
yeah, that's a pretty decent paper...
just finished reading it...
good post networker
yeah, I\'m gonna need that by friday...