Using crypto against Phishing, Spoofing and Spamming...
Eric Rescorla
ekr at rtfm.com
Sat Jul 17 19:55:39 EDT 2004
Ian Grigg <iang at systemics.com> writes:
> Notwithstanding that, I would suggest that the money
> already lost is in excess of the amount paid out to
> Certificate Authorities for secure ecommerce certificates
> (somewhere around $100 million I guess) to date. As
> predicted, the CA-signed certificate missed the mark,
> secure browsing is not secure, and the continued
> resistance against revision of the browser's useless
> padlock display is the barrier to addressing phishing.
I don't accept this argument at all.
There are at least three potential kinds of attack here:
(1) Completely passive capture attacks.
(2) Semi-active attacks that don't involve screwing with
the network infrastructure (standard phishing attacks)
(3) Active attacks on the network infrastructure.
SSL does a fine job of protecting against (1) and a fairly adequate
job of protecting against (3). Certainly you could do a better job
against (3) if either:
(a) You could directly connect to sites with SSL a la
https://www.expedia.com/
(b) The identities were more user-friendly as we anticipated back in
the days of S-HTTP rather than being domain names, as required by
SSL.
It does a lousy job of protecting against (3).
Now, my threat model mostly includes (1), does not really include
(3), and I'm careful not to do things that leave me susceptible
to (2), so SSL does in fact protect against the attacks in my
threat model. I know a number of other people with similar threat
models. Accordingly, I think the claim that "secure browsing
is not secure" rather overstates the case.
-Ekr
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list