[Cryptography] So please tell me. Why is my solution wrong?

Joseph Kilcullen kilcullenj at gmail.com
Fri Feb 10 04:54:52 EST 2017 

On 09-Feb-17 11:04 AM, Ben Tasker wrote:
>
> If I was implementing this, I'd probably tie the image to something in 
> the site's certificate (whether that's a hash of the pub key or 
> whatever), so the first time you hit a https site you'd need to be 
> prompted to set a memorable image. So even if I've set for 
> fidelity.com <http://fidelity.com> I'd get a prompt when I hit 
> fidelity.biz <http://fidelity.biz>
>

Mostly I agree with all this but I'll just clarify some stuff. The image 
could be chosen when your browser is updated to implement the solution. 
There is no link to individual internet addresses. Once the browser 
verifies the digital signature, you get fig 1 with info from inside the 
TLS certificate.

> The problem with that, of course, is when people switch browsers, the 
> image isn't going to be there, and (combined with possible bugs 
> causing you to have to re-set it) people are going to get complacent 
> and just reset the image when they hit fidelity.biz 
> <http://fidelity.biz>, defeating the point.
>

Yes. I guess the solution should be implemented on an account level. So 
any browser hitting TLS will ask the operating system for the image.

>  (to avoid the prompt on sites that don't require it), but then 
> fidelity.biz <http://fidelity.biz> would just omit it from their cert 
> and we'd be back to relying on the user noticing that something's missing.

Cool, you're getting it! Yes, I agree, sites would request the login 
screen. They would never be able to get the image, but they can ask your 
browser to show it to you.

>
> I've only skimmed the paper, but to be honest, I think you'd almost 
> get equal benefit (and setup annoyance) from having the browser inject 
> a big red "WARNING: YOU'VE NEVER VISITED THIS SITE BEFORE" when you 
> visit a new https site for the first time. That at least has the 
> advantage of having something the user can see, rather than the 
> absence of something they usually see.
>

Excellent!!! That warning is local knowledge, just like the image. It 
fits the definition of a secret shared between you and your web browser. 
So, you are correct i.e. your suggestion is consistent with my paper's 
findings.








-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170210/4c1f7e15/attachment.html>

More information about the cryptography mailing list