Cookie Monster

Leichter, Jerry leichter_jerrold at emc.com
Fri Sep 19 10:53:32 EDT 2008


On Fri, 19 Sep 2008, Barney Wolff wrote:

| Date: Fri, 19 Sep 2008 01:54:42 -0400
| From: Barney Wolff <barney at databus.com>
| To: EMC IMAP <leichter_jerrold at emc.com>
| Cc: Cryptography <cryptography at metzdowd.com>
| Subject: Re: Cookie Monster
| 
| On Wed, Sep 17, 2008 at 06:39:54PM -0400, EMC IMAP wrote:
| > Yet another web attack:
| > 
| > As I understand the attack, it's this:  Cookies can be marked Secure.
| > A Secure cookie can only be returned over an HTTPS session.  A cookie
| > not marked Secure can be returned over any session.  So:  If a site
| > puts security-sensitive data into a non-Secure cookie, an attacker who
| > can spoof DNS or otherwise grab sessions can send an HTTP page
| > allegedly from the site that set the cookie asking that it be returned
| > - and it will be.
| 
| Why on earth would anyone put security-sensitive data in a cookie,
| unencrypted?  It's the server talking to itself or its siblings, after
| all, and it's vulnerable to attack on the client's machine.
a)  It depends on who you think it has to be secure against.  Typical
reasoning:  If it's effectively the *client's* information, why/from
whom do I need to protect it while it's on the *client's* machine?
After all, it can only be seen by the client and me.

b)  The way this attack is actually likely to be used is to steal a
"logged-in session".  If I have the cookie, and can MITM the stream
to the server, I can act "within the logged-in session."  I don't
need to be able to decrypt the cookie - the real client has no
need to (but in fact there isn't much point in encrypting, while at
rest, the nonce that identifies the "logged-in session.")

I put "logged-in session" in quotes in agreement with James Donald's
message on this subject.

							-- Jerry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
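The Secure-attribute behaviour discussed in the thread, as an added illustration that is not part of the original message: the snippet below models the client-side rule (a cookie marked Secure is attached only to HTTPS requests; anything else goes out over plain HTTP too) and adds a defender's audit that flags session-identifying cookies set without Secure, plus the corresponding hardened Set-Cookie header. The header strings, cookie names and the `session_markers` heuristic are constructed for the example.

```python
from dataclasses import dataclass
from typing import Iterable, List


@dataclass
class Cookie:
    name: str
    value: str
    secure: bool
    httponly: bool


def parse_set_cookie(header: str) -> Cookie:
    """Parse one Set-Cookie header value into a Cookie.

    Only the name=value pair and the Secure/HttpOnly flags matter here;
    other attributes (Path, Domain, Expires, ...) are ignored on purpose.
    """
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {p.lower() for p in parts[1:]}
    return Cookie(name.strip(), value.strip(), "secure" in attrs, "httponly" in attrs)


def cookies_sent(jar: Iterable[Cookie], scheme: str) -> List[str]:
    """Names of cookies a browser attaches to a request of the given scheme.

    This is the rule the thread describes: Secure cookies travel only over
    https; non-Secure cookies travel over any scheme, including the plain
    http request an attacker who controls DNS or the path can induce.
    """
    if scheme not in ("http", "https"):
        raise ValueError(f"unsupported scheme: {scheme}")
    return [c.name for c in jar if scheme == "https" or not c.secure]


def audit_missing_secure(jar: Iterable[Cookie],
                         session_markers=("sid", "session", "auth", "token")) -> List[str]:
    """Flag cookies that look like session identifiers but lack Secure.

    The name heuristic (session_markers) is a constructed example; a real
    audit would use the application's known session cookie names.
    """
    return [c.name for c in jar
            if not c.secure and any(m in c.name.lower() for m in session_markers)]


def harden_set_cookie(header: str) -> str:
    """Return the header with Secure (and HttpOnly) appended if missing."""
    cookie = parse_set_cookie(header)
    out = header.rstrip().rstrip(";")
    if not cookie.secure:
        out += "; Secure"
    if not cookie.httponly:
        out += "; HttpOnly"
    return out


# Constructed sample headers: a session cookie set without Secure (the
# case the thread warns about), a harmless preference, and a correct one.
SAMPLE_SET_COOKIE = [
    "sid=abc123; Path=/; HttpOnly",
    "prefs=dark; Path=/",
    "auth_token=xyz789; Path=/; Secure; HttpOnly",
]


def demo():
    jar = [parse_set_cookie(h) for h in SAMPLE_SET_COOKIE]
    return {
        "over_http": cookies_sent(jar, "http"),
        "over_https": cookies_sent(jar, "https"),
        "flagged": audit_missing_secure(jar),
        "hardened": harden_set_cookie(SAMPLE_SET_COOKIE[0]),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Running it shows `sid` leaving the browser on the plain-HTTP request while `auth_token` does not, which is exactly the session-stealing case Jerry describes: the attacker does not need to read the cookie's contents, only to receive it and replay it.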