Re: New Proposal for Section 11.1.4 Man-in-the-middle

To: Joseph Galbraith <galb-list%vandyke.com@localhost>
Subject: Re: New Proposal for Section 11.1.4 Man-in-the-middle
From: Nicolas Williams <Nicolas.Williams%sun.com@localhost>
Date: Thu, 15 May 2003 14:29:15 -0700

On Thu, May 15, 2003 at 12:13:46PM -0600, Joseph Galbraith wrote:
> > However, this is conditional on the user being sure they really have
> > connected to the right server! I grant that an MITM seeing a
> > public-key authentication request wouldn't be able to use it to gain
> > access to the real server; but they could simply return Yes, and
> > _pretend_ to be the real server for as long as they could get away
> > with it in the absence of a genuine login there, in the hope that
> > the user might try to (for example) connect through to some other
> > system and type a password in. The user would have to verify the
> > connection by requesting some other piece of information from the
> > server which they already knew but which the MITM would be unlikely
> > to guess right.
> 
> Right... this is what the origal claim was;
> man in the middle is not feasable with public
> key.

Yes, and I screwed up in my comment.  What I meant to say was that
pubkey userauth with server host keys that are not securely distributed
is subject to spoofing - but I said instead that it's subject to MITM
attack.  My apologies for the confusion.

> However, as you point out, a spoofing attack
> is-- which really makes this protection quite
> useless.

Right.

Nico
--

References:
- Re: New Proposal for Section 11.1.4 Man-in-the-middle
  - From: Simon Tatham
- Re: New Proposal for Section 11.1.4 Man-in-the-middle
  - From: Joseph Galbraith

Prev by Date: Re: Proposal for New Section 11.1 PRNG
Next by Date: 2nd version - Proposal for New Section 11.1 PRNG
Previous by Thread: Re: New Proposal for Section 11.1.4 Man-in-the-middle
Next by Thread: Re: New Proposal for Section 11.3.3 X11 Forwarding
Indexes:

Home | Main Index | Thread Index | Old Index