CFP: PKI research workshop

Eugene Leitl Eugene.Leitl at lrz.uni-muenchen.de
Tue Jan 15 13:00:32 EST 2002


On Tue, 15 Jan 2002, D. A. Honig wrote:

> [Moderator's note: Except that's precisely the point: "Modulo MIM
> attacks" is like saying "we're all immortal, modulo death". The
> question isn't some sort of mystification of identity -- it is being
> able to know that you're talking to the same "Dear Abby" your friends
> have talked to and that you talked to last week. Now that MIM attacks
> have been automated they don't even need sophistication to conduct.
> --Perry]

It requires sophistication to do MIM on a large scale. Active realtime
manipulation of traffic on the global scale is currently beyond the scope
of TLAs (but they're probably rather good at passive listening by now).
Especially if the initial key exchange is cached, as there are temporal
constraints on the window of vulnerability.

It's not a minor point, and hence needs repeating.

Plus, web of trust mechanisms can always be added later. Rolling out
crypto on a massive scale (MUA-MTA, MTA-MTA, IM, P2P) is where it's at.

[Moderator's note: This is simply wrong in a commerce situation. I
cannot emphasize that strongly enough. There are tools to assist in
doing MIM attacks out there, and doing it globally isn't needed --
doing it in front of one of amazon.com's ssl servers is what you need
to do, and there are few large installations out there without even a
single vulnerable machine. You need authentication to trust an
encrypted connection, and if you use a connection in commerce you need
to trust it. Even if your one transaction is low value a large site
puts through huge numbers of those low value transactions. --Perry]

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



