From: Hal <hfinney@shell.portal.com>
Date: Wed, 11 Oct 95 07:16:11 PDT
To: cypherpunks@toad.com
Subject: Mean Men in the Middle
Message-ID: <199510111415.HAA24732@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


If the MITM is really mean, he can overcome some of the suggestions I
offered for how credentials can be used to defeat him.

First, he could cause the user to download bad software.  PGP,
Netscape, and other secure programs could be patched to have holes.
Even the checksum program could be altered so publishing checksums won't
help.  With this attack he would not even need to substitute keys; he
can just make sure that the fake PGP picks guessable session and secret
keys.

Alternatively, he could defeat the use of key certificates which bind names to
keys by the simple strategem of substituting the name of the user when he
substitutes his keys.  If Alice has all of her posts appearing under
the name of "Bob" unbeknownst to her, then if Bob is the MITM he can get
a certificate and publish it.  All the messages which refer to "Bob" get
changed to refer to "Alice" as they are passed from the net to her,
similar to the key substitution which would also have to be done.  If
Bob's name were a bit unusual this could be done with a simple script.
So even fully valid key certificates may not be effective against MITM
attacks of this type.

Hal