Status of SRP

Lance James lancej at securescience.net
Thu Jun 1 13:04:36 EDT 2006


Here's where SRP fails:

1) SSL is built into the browser - doesn't stop phishers
2) Chrome or no chrome, good luck getting it in there and having every
user understand it.
3) Traditional phishing works, but if you force them to change, the
malware propagation will only be higher than it is now, and I can give
you the numbers on how much data is stolen with malware (over 2 million
credit cards have been acquired since January via trojan software. How
do I know this? I monitor their blind drops constantly, and one group's
daily take is over 150 MB of credentials on average).

SRP suffers from a rollback attack, chrome or no chrome - humans don't
know enough about this, and if the phisher does:

"Hi, we're having a problem with your account system as our SRP database
was corrupted, please login through the webpage to verify your
information and reset your SRP account to working order".

Surprisingly, many would fall for this.

My 2 cents.

-Lance


James A. Donald wrote:
>     --
> James A. Donald wrote:
> > > The obvious solution to the phishing crisis is the
> > > widespread deployment of SRP
>
> Lance James
> > I disagree here, I don't think this will stop phishing
> > for many reasons. Please explain how it would. It will
> > stop "man-in-the-middle" attacks on the protocol, but
> > phishers aren't attacking the protocols themselves.
>
> To be useful, SRP has to be in the browser chrome.
>
> Consider a typical e-gold phish
> : :    You have just made a request to transfer all
> : :    the funds in your account.  Please click here
> : :    <www.e-golb.com/cancel> and login to cancel
> : :    this request if it was made by someone other
> : :    than yourself
>
> Assume e-gold was using SRP login.  The user would
> attempt to login to www.e-golb.com through SRP, and the
> login would fail.
>
> > It's still single-auth and I can still obtain the user
> > password via phishing.
>
> How?
>
> SRP never reveals the login.  It is zero knowledge.
> Instead, both parties prove to each other that they know
> the secret, without revealing the secret.
>
> The only way you can phish the user is to get him to not
> use SRP.  But if he is attempting to use SRP he is not
> typing the password into a web page, but into client
> software running on his own machine, which is going to
> look visibly different from any web page.
>
>     --digsig
>          James A. Donald
>      6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
>      bhZzlPU6DtnwH9s5+PxwPlwhgvD/8iFEI9LcuRXA
>      4x54cCglld16xbMxUa/22CBHVIxtb7yqM78rQ9Ul1
>
>


-- 
Best Regards,
Lance James
Secure Science Corporation
www.securescience.net
Author of 'Phishing Exposed'
http://securescience.net/home/news/phishingexposed.html
**********************************************
* New IntelliFound Service 2 weeks free	     *
* Real-Time Identity Surveillance Service    *
* http://www.securescience.net/		     *
**********************************************
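To make concrete what the quoted exchange above calls "both parties prove to each other that they know the secret", here is an SRP-6a round trip as an added example; it is not code from this thread or from any SRP implementation the thread mentions. It follows the RFC 5054 message flow and its 1024-bit group (generator 2), but uses SHA-256 in place of SHA-1 and the simplified proof messages M1 = H(A | B | K) and M2 = H(A | M1 | K); all function and variable names are the example's own. The server enrolls a user by storing only (salt, verifier), so the password itself is never on the wire or in the server's database. The `server_has_verifier=False` path models the www.e-golb.com case from the quoted message: an impostor that never obtained the verifier can answer the client's A, but cannot produce a server proof the client accepts, so the login fails on the client side. Nothing here addresses the rollback attack in the reply, because that attack talks the user out of running this exchange at all.

```python
"""SRP-6a round trip (RFC 5054 flow, SHA-256, simplified M1/M2). Added example, not
from the thread. Run it directly to see a good login, a wrong password and an impostor."""
import hashlib
import secrets

# 1024-bit group from RFC 5054 Appendix A (assumed transcribed correctly; the
# key-agreement algebra below holds for any prime N, only the security margin
# depends on which one is used).
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8      # 128 bytes; values are padded to this before hashing


def pad(n):
    """Left-pad an integer to the byte length of N, as RFC 5054 does for A, B and g."""
    return n.to_bytes(NLEN, "big")


def hb(*parts):
    """SHA-256 of the concatenated parts, as bytes."""
    return hashlib.sha256(b"".join(parts)).digest()


def hi(*parts):
    """SHA-256 of the concatenated parts, as a big-endian integer."""
    return int.from_bytes(hb(*parts), "big")


k = hi(pad(N), pad(g))                # SRP-6a multiplier parameter


def private_x(username, salt, password):
    """x = H(salt | H(username ':' password)). Computed only on the client, from what
    the user types; the server never learns it."""
    return hi(salt, hb(f"{username}:{password}".encode()))


def enroll(username, password):
    """Signup. The server keeps (salt, v = g^x mod N) and nothing else."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, private_x(username, salt, password), N)


def srp_login(username, password, salt, v, server_has_verifier=True):
    """One complete exchange. Returns a dict with what each side concluded and the
    session key each side derived. server_has_verifier=False plays a look-alike
    site that has the username but not the verifier (hypothetical impostor)."""
    # Client -> Server: username and ephemeral public value A = g^a.
    a = secrets.randbelow(N - 2) + 1
    A = pow(g, a, N)

    # Server: reject A == 0 (mod N), then answer with salt and B = k*v + g^b.
    if A % N == 0:
        raise ValueError("client sent A == 0 mod N")
    b = secrets.randbelow(N - 2) + 1
    if server_has_verifier:
        B = (k * v + pow(g, b, N)) % N
    else:
        B = pow(g, b, N)              # an impostor without v can only send a bare g^b

    # Client: reject B == 0 (mod N) and u == 0, then derive the premaster secret
    # S = (B - k*g^x)^(a + u*x) from its own a and the typed password.
    if B % N == 0:
        raise ValueError("server sent B == 0 mod N")
    u = hi(pad(A), pad(B))
    if u == 0:
        raise ValueError("u == 0")
    x = private_x(username, salt, password)
    S_client = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    K_client = hb(pad(S_client))
    M1 = hb(pad(A), pad(B), K_client)          # client's proof of K

    # Server: S = (A * v^u)^b needs the verifier; the impostor can only do plain DH.
    if server_has_verifier:
        S_server = pow((A * pow(v, u, N)) % N, b, N)
    else:
        S_server = pow(A, b, N)
    K_server = hb(pad(S_server))
    server_accepted = secrets.compare_digest(M1, hb(pad(A), pad(B), K_server))

    # An honest server sends M2 only after M1 verifies; the impostor, which cannot
    # verify anything, sends one anyway and hopes the client does not check it.
    M2 = hb(pad(A), M1, K_server) if (server_accepted or not server_has_verifier) else None
    client_accepted = M2 is not None and secrets.compare_digest(M2, hb(pad(A), M1, K_client))
    return {"client_accepted": client_accepted, "server_accepted": server_accepted,
            "client_K": K_client, "server_K": K_server}


if __name__ == "__main__":
    salt, v = enroll("alice", "correct horse battery staple")   # constructed sample user
    for label, pw, honest in (("good login", "correct horse battery staple", True),
                              ("wrong password", "tr0ub4dor&3", True),
                              ("impostor site", "correct horse battery staple", False)):
        r = srp_login("alice", pw, salt, v, server_has_verifier=honest)
        print(f"{label:15} client_accepted={r['client_accepted']} "
              f"server_accepted={r['server_accepted']}")
```

The point worth checking in the output is the third line: the impostor gets a valid-looking A and M1 from the client, but M1 is useless to it (it cannot even tell whether the password was right) and its M2 fails the client's check. What the reply above argues is that the phisher does not need to win this exchange; a page that asks for the password outright skips it.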


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
