[Cryptography] Better than passwords and cookies
Jerry Leichter
leichter at lrw.com
Tue Mar 18 06:56:24 EDT 2014
On Mar 17, 2014, at 6:17 PM, Paul Hoffman <paul.hoffman at vpnc.org> wrote:
>>>> Maybe you merely (re-)invented the HTML cookie holding the client private key.
>>> An HTML cookie isn't bound to the end-to-end connection context. A MITM simply passes it through. The signed information I'm suggesting the client send *is* bound to that context, and isn't subject to this trivial vulnerability.
>>
>> https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final162.pdf
> The OBC work kind of died, but we have many of the ideas in
> http://tools.ietf.org/html/draft-ietf-httpauth-hoba-02
Unfortunately this is just a small subset of the original OBC proposal. All the MITM protection has been stripped out. The certs here are used to replace traditional login mechanisms (something I was skeptical of for the certs I was suggesting), and the authentication is bound to the identities of the two ends, not to the particular endpoint-to-endpoint connection rendering it useless as protection against MITM attacks.
Of course, if the HOBA mechanism *were* to be standardized, its certs might be useful for building a MITM protection mechanism. But that would require an additional layer of standardization.
Why did the OBC stuff die out? Inertia, lack of interest, or objections from somewhere?
-- Jerry
More information about the cryptography
mailing list