Cookie Monster
Leichter, Jerry
leichter_jerrold at emc.com
Fri Sep 19 10:53:32 EDT 2008
On Fri, 19 Sep 2008, Barney Wolff wrote:
| Date: Fri, 19 Sep 2008 01:54:42 -0400
| From: Barney Wolff <barney at databus.com>
| To: EMC IMAP <leichter_jerrold at emc.com>
| Cc: Cryptography <cryptography at metzdowd.com>
| Subject: Re: Cookie Monster
|
| On Wed, Sep 17, 2008 at 06:39:54PM -0400, EMC IMAP wrote:
| > Yet another web attack:
| >
| > As I understand the attack, it's this: Cookies can be marked Secure.
| A Secure cookie can only be returned over an HTTPS session. A cookie
| > not marked Secure can be returned over any session. So: If a site
| > puts security-sensitive data into a non-Secure cookie, an attacker who
| can spoof DNS or otherwise grab sessions can send an HTTP page
| > allegedly from the site that set the cookie asking that it be returned
| > - and it will be.
|
| Why on earth would anyone put security-sensitive data in a cookie,
| unencrypted? It's the server talking to itself or its siblings, after
| all, and it's vulnerable to attack on the client's machine.
a) It depends on who you think it has to be secure against. Typical
reasoning: If it's effectively the *client's* information, why/from
whom do I need to protect it while it's on the *client's* machine?
After all, it can only be seen by the client and me.
b) The way this attack is actually likely to be used is to steal a
"logged-in session". If I have the cookie, and can MITM the stream
to the server, I can act "within the logged-in session." I don't
need to be able to decrypt the cookie - the real client has no
need to (but in fact there isn't much point in encrypting, while at
rest, the nonce that identifies the "logged-in session.")
I put "logged-in session" in quotes in agreement with James Donald's
message on this subject.
-- Jerry
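The leak the thread describes, worked through as an added example (not from the thread or its posters): a site sets its session nonce over HTTPS, the attacker gets the victim's browser to fetch any plaintext http:// URL on the same host (an injected image tag, a spoofed DNS answer, an on-path HTTP response), and the client hands the cookie over in the clear. Python's standard cookie jar (http.cookiejar) applies the same Secure-attribute rule a browser does, so it is used here as the client; the host name bank.example, the cookie value and the Set-Cookie headers are constructed for the demo, and _FakeResponse is a stub that exists only to feed headers to the jar.

```python
"""Constructed demo of the Secure-cookie rule: a session cookie issued
without `Secure` is returned on any plaintext request the attacker can
provoke; the same cookie with `Secure` is only ever sent over https."""
import http.client
import http.cookiejar
import urllib.request

SITE = "bank.example"  # hypothetical host name (assumption for the demo)


class _FakeResponse:
    """Stand-in for an HTTP response. CookieJar.extract_cookies() only
    needs .info() to return a header object exposing .get_all()."""

    def __init__(self, set_cookie_headers):
        self._headers = http.client.HTTPMessage()
        for hdr in set_cookie_headers:
            self._headers["Set-Cookie"] = hdr  # __setitem__ appends, so repeats are kept

    def info(self):
        return self._headers


def jar_after_login(set_cookie_headers):
    """Simulate the client receiving Set-Cookie headers from the HTTPS login page."""
    jar = http.cookiejar.CookieJar()
    login_req = urllib.request.Request(f"https://{SITE}/login")
    jar.extract_cookies(_FakeResponse(set_cookie_headers), login_req)
    return jar


def cookie_header_for(jar, url):
    """Cookie header the client would attach to a request for url, or None."""
    req = urllib.request.Request(url)
    jar.add_cookie_header(req)  # applies domain, path, expiry and Secure checks
    return req.get_header("Cookie")


def sent_cookie_names(jar, url):
    """Names of the cookies that would leave the client for url."""
    hdr = cookie_header_for(jar, url)
    if not hdr:
        return []
    return [pair.split("=", 1)[0].strip() for pair in hdr.split(";")]


# Vulnerable issuance: the session nonce is a plain (non-Secure) cookie.
# HttpOnly keeps scripts away from it but says nothing about the wire.
VULNERABLE_SET_COOKIE = ["sessionid=c0ffee1234; Path=/; HttpOnly"]

# Hardened issuance: identical cookie, with Secure added.
HARDENED_SET_COOKIE = ["sessionid=c0ffee1234; Path=/; HttpOnly; Secure"]

# Any plaintext URL on the site's host that the attacker can make the
# victim fetch, e.g. via an <img> tag on an unrelated page.
ATTACKER_URL = f"http://{SITE}/img.gif"
LEGIT_URL = f"https://{SITE}/account"


if __name__ == "__main__":
    for label, headers in (("non-Secure", VULNERABLE_SET_COOKIE),
                           ("Secure", HARDENED_SET_COOKIE)):
        jar = jar_after_login(headers)
        print(f"{label:11} cookie, attacker's http request: "
              f"{cookie_header_for(jar, ATTACKER_URL)!r}")
        print(f"{label:11} cookie, site's own https request: "
              f"{cookie_header_for(jar, LEGIT_URL)!r}")
```

Running it shows the non-Secure session cookie appearing in the Cookie header of the plaintext request (where an on-path attacker or DNS spoofer reads it), while the Secure variant is withheld there and still sent to the genuine https URL. Note what the flag does and does not buy: Secure keeps the nonce off plaintext connections, nothing more; it does not protect it against a compromised client, and encrypting the nonce itself would not help here, as the thread notes, since the attacker only needs to replay it.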
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com