[Cryptography] Toxic Combination

Fedor Brunner fedor.brunner at azet.sk
Tue Dec 2 08:46:28 EST 2014 

On 30.11.2014 23:58, Alfie John wrote:
> On Mon, Dec 1, 2014, at 08:55 AM, Guido Witmond wrote:
>> I'm starting to consider the combination of current best practice with
>> server certificates and password to be a Toxic Combination.
>>
>> The general issue is twofold:
>>
>>     People need to validate the authenticity of a site before typing in
>> their password;
>>
>>     The password gets transmitted to the other party.
> 
> And this is taken advantage of every day by phishing attacks. However
> although your solution of setting up DNSSEC and DANE is the _correct_
> solution, it's just too complex and hard to get right for a lot of
> system admins so it's not going to get uptake - just look at how PGP is
> also the _correct solution_ for encrypting messages and yet has not had
> the uptake since 1991!
> 
> I think a better solution would be something like implementing Digest
> Authentication (RFC 2069, but replacing MD5 with something like AES-256
> and allow it to be upgradable) in the browser. The password field value
> would then be replaced with the value from the DA call and no secrets
> would be leaked. This solution would get way faster adoption.
> 
> Alfie

For example XMPP protocol supports password authentification using
"Salted Challenge Response Authentication Mechanism" (SCRAM)

RFC 5802

This is authentication using salted PBKDF2 calculated with iterated
HMAC-SHA1.

SCRAM supports also channel binding to external secure channels, such as
TLS. This allows for detection of MITM using a valid SSL certificate.
(RFC 5056)

> 
>> Most people assume that if it looks like their bank and the address bar
>> is green then it should be safe. Regrettably, it’s not. Criminals obtain
>> valid certificates using stolen creditcards and passports. The true
>> method for authenticating a site requires verification of server
>> certificate fingerprints. And if you don’t know what that means, you
>> have to spot the spelling errors, the differences in layout and other
>> mistakes to detect the scammers. Good luck!
>>
>> The second part is just as problematic: The password must remain secret,
>> yet it must be transmitted to the other side to log in.
>>
>> This is the Toxic Combination. One failure to detect a scammer’s site
>> and the password is compromised. The scammers can do everything that you
>> can do with the password.
>>
>>
>> [promo]
>>
>> For more information, please see:
>>
>> http://eccentric-authentication.org/blog/2014/11/30/spot-the-differences.html
>>
>> http://eccentric-authentication.org/Usable-Security.pdf
>>
>> [/promo]
>

More information about the cryptography mailing list