Who's afraid of Mallory Wolf?

Jeroen C. van Gelderen jeroen at vangelderen.org
Mon Mar 24 19:50:39 EST 2003


On Monday, Mar 24, 2003, at 11:37 US/Eastern, Peter Clay wrote:

> On Sun, 23 Mar 2003, Ian Grigg wrote:
>
>> Consider this simple fact:  There has been no
>> MITM attack, in the lifetime of the Internet,
>> that has recorded or documented the acquisition
>> and fraudulent use of a credit card (CC).
>>
>> (Over any Internet medium.)
>
> How do you view attacks based on tricking people into going to a site
> which claims to be affiliated with e.g. Ebay or Paypal, getting them to
> enter their login information as usual, and using that to steal money?
>
> It's not a pure MITM attack, but the current system at least makes it
> possible for people to verify with the certificate whether or not the
> site is a spoof.

Correct. On the other hand, in a lot of cases people cannot be expected 
to do the verification. This shows in the number of people that can be 
tricked into being spoofed out of their passwords, even when 
certificates are deployed. That is not an argument against certificates 
though, it is (partially) an argument against broken user interfaces.

> Just out of interest, do you have an economic cost/benefit analysis for
> the widespread deployment of gratuitous encryption?

What makes you say it is gratuitous? Or: how can you state my privacy 
is gratuitous?

> It's just not that important. If your browsing privacy is important,
> you're prepared to click through the alarming messages. If the value of
> privacy is less than the tiny cost of clicking "accept this certificate
> forever" for each site, then it's not a convincing argument for
> exposing people who don't understand crypto to the risk of MITM.

This is illogical. Even if a server operator would prefer to allow 
unauthenticated encryption, he cannot do so without annoying 90% of his 
customers because they too will be getting these alarming messages. In 
general, if my browsing privacy is important to me and the server 
operator is willing to accommodate me, he cannot do so.

This however still does not constitute an argument against 
certificates. It can be morphed as an argument against browsers not 
supporting Anonymous-DH. (Note that I'm favoring treating sites 
offering ADH the same as sites offering a certificate. Each offers 
different functionality which should be distinguishable in the GUI.)

Cheers,
-J
-- 
Jeroen C. van Gelderen - jeroen at vangelderen.org

                 The python
            has, and I fib no fibs,
              318 pairs of ribs.
       In stating this I place reliance
   On a séance with one who died for science.
     This figure is sworn to and attested;
     He counted them while being digested.
             -- Ogden Nash


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
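The distinction the thread turns on (anonymous DH keeps a passive eavesdropper out but lets Mallory sit in the middle, while a server key the client already trusts lets the client reject the spoof) as an added example, not code from the original post. Assumptions: a toy 127-bit group for readability, and a static server DH key standing in for certificate verification, with a key-confirmation MAC playing the role of the browser's check.

```python
import hashlib
import hmac
import secrets

# Toy group for the demo: 2**127 - 1 is prime. Real deployments use a
# standardized group (e.g. an RFC 3526 MODP group or an elliptic curve).
P = 2**127 - 1
G = 3


def keypair():
    """Fresh DH private/public pair (x, G**x mod P)."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def kdf(*shared):
    """Derive a session key from one or more shared group elements."""
    h = hashlib.sha256()
    for v in shared:
        h.update(v.to_bytes(16, "big"))
    return h.digest()


def confirm(key, label):
    """Key-confirmation tag; models the 'Finished' check a client performs."""
    return hmac.new(key, label, hashlib.sha256).digest()


def handshake(server_static=None, mallory=False):
    """One client<->server exchange. With server_static=(s, S) the client already
    trusts S (stand-in for a certificate) and mixes A**s into the key, which
    Mallory cannot compute without s. With mallory=True an active attacker
    swaps her own ephemeral value M into both directions. A passive
    eavesdropper only ever sees A, B, M and cannot derive any key.
    Returns (client_accepts, mallory_reads_client_traffic)."""
    a, A = keypair()          # client ephemeral
    b, B = keypair()          # server ephemeral
    m, M = keypair()          # Mallory's ephemeral (unused unless mallory=True)
    A_at_server = M if mallory else A
    B_at_client = M if mallory else B
    if server_static is None:                       # anonymous DH
        k_client = kdf(pow(B_at_client, a, P))
        k_server = kdf(pow(A_at_server, b, P))
        k_mallory = kdf(pow(A, m, P))               # == k_client when mallory=True
    else:                                           # server-authenticated DH
        s, S = server_static
        k_client = kdf(pow(B_at_client, a, P), pow(S, a, P))
        k_server = kdf(pow(A_at_server, b, P), pow(A_at_server, s, P))
        k_mallory = kdf(pow(A, m, P), pow(A, m, P))  # lacks s: cannot form A**s
    tag = confirm(k_mallory if mallory else k_server, b"server finished")
    client_accepts = hmac.compare_digest(tag, confirm(k_client, b"server finished"))
    return client_accepts, k_mallory == k_client
```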