meet in the middle attacks
Jeffrey Altman
jaltman at columbia.edu
Wed Mar 26 19:20:53 EST 2003
I believe that most browsers and even some TELNET/FTP/SMTP clients that
support START_TLS will allow the certificate to be saved as an
authenticator of the host provided that the certificate is not a
self-signed cert. If you do not want to use a commercial CA, then you
should generate your own CA cert plus one End Entity cert signed by your
CA cert. Use the End Entity cert for your service. This process could
easily be added to the makefile for Apache or even OpenSSL.
- Jeff
Perry E. Metzger wrote:
>I have to say I've watched this with a bit of puzzlement.
>
>Meet in the middle attacks are perfectly real. I've seen them myself,
>and toolkits to perform them are readily available out there. Ian's
>vague comments about a lack of evidence of the economic impact
>notwithstanding, it is unreasonable to leave one's protocols and
>systems open to such attacks.
>
>You do not need an elaborate CA infrastructure to prevent them, of
>course. SSH manages to prevent them simply by having both sides sign
>exchanges using naked (i.e. uncertified) keys that are pre-shared, for
>example. Even use of MACs over exchanged values and pre-shared
>conventional keys can prevent many such attacks.
>
>However, not attempting to prevent such attacks -- especially given
>that they are very effective -- seems foolish at best.
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3427 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20030326/438302f5/attachment.bin>
More information about the cryptography
mailing list