1995-10-01 - Re: MITM attacks, the day after …

Header Data

From: Eric Murray <ericm@lne.com>
To: jbass@dmsd.com (John L. Bass)
Message Hash: d7b734b79512445fc4857b16648f15b3bebc1bb1369af8f8b89324af566d36ed
Message ID: <199510011740.KAA01644@slack.lne.com>
Reply To: <9510011649.AA12871@dmsd.com>
UTC Datetime: 1995-10-01 17:25:46 UTC
Raw Date: Sun, 1 Oct 95 10:25:46 PDT

Raw message

From: Eric Murray <ericm@lne.com>
Date: Sun, 1 Oct 95 10:25:46 PDT
To: jbass@dmsd.com (John L. Bass)
Subject: Re: MITM attacks, the day after ...
In-Reply-To: <9510011649.AA12871@dmsd.com>
Message-ID: <199510011740.KAA01644@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain


 
> There seem at this point to be two messenger or man in the middle attacks
> on SSL that have enough merit to explore further.
> 
> #1  Attack client binaries to suppress certificate validation, and accept
> ones forged by the filter/MITM. The binary attack could occur during down
> load from NetScape (a good ISP level attack) or after the fact with a virus.
> The client binary would be normally functioning with servers other than the
> attacking MITM filter.

That's not an attack on SSL.   It's an attack on an application.
It's no different, conceptually, than attacking sendmail or MS Word.

The point to attacking SSL is to be able to decode a message from any
browser, without having to do anything extraordinary to the victim's host.
No cryptosystem is proof against an attacker who can see and
control everything you do on the client side (i.e. has root in UNIX
parlance).

So, while your idea #1 might be interesting or fun to do as far as computer
security goes, it's not an attack on SSL. 

> #2  Present client with the filters valid certificate and hope that in the
> rare case the user looks, that they will not question it, or even know what
> a valid one from the real server is.

That points out the flaw in Netscape's authentication model that
others have already pointed out on this list.  Admittedly, like Don
Stephenson just posted, there's not really a good way to distribute
and authenticate certificates until there's a ubiquitous global
CA chain.



-- 
Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF




Thread