[133694] in cryptography@c2.net mail archive
Re: once more, with feeling.
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sun Sep 21 14:52:20 2008
Date: Sat, 20 Sep 2008 15:55:12 -0400
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: pgut001@cs.auckland.ac.nz (Peter Gutmann)
Cc: cryptography@metzdowd.com, dirkx@webweaving.org
In-Reply-To: <E1KgBtw-0006Ly-Tf@wintermute01.cs.auckland.ac.nz>
On Thu, 18 Sep 2008 17:18:00 +1200
pgut001@cs.auckland.ac.nz (Peter Gutmann) wrote:
> - Use TLS-PSK, which performs mutual auth of client and server
> without ever communicating the password. This vastly complicates
> phishing since the phisher has to prove advance knowledge of your
> credentials in order to obtain your credentials (there are a pile of
> nitpicks that people will come up with for this, I can send you a
> link to a longer writeup that addresses them if you insist, I just
> don't want to type in pages of stuff here).
>
Once upon a time, this would have been possible, I think. Today,
though, the problem is the user entering their key in a box that is (a)
not remotely forgeable by a web site that isn't using the browser's
TLS-PSK mechanism; and (b) will *always* be recognized by users, even
dumb ones. Today, sites want *pretty* login screens, with *friendly*
ways to recover your (or Palin's) password, and not just generic grey
boxes. Then imagine the phishing page that displays an artistic but
purely imaginary "login" screen, with a message about "NEW! Better
navigation on our login page!"
If this had been done in the beginning, before users -- and web site
designers, and browser vendors -- were mistrained, it might have
worked. Now, though? I'm skeptical.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
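As an added illustration, not part of either message, of the mechanism Peter describes: a simplified PSK-style mutual handshake in which both parties only ever send nonces and MACs keyed from the PSK, so a look-alike server that lacks the PSK fails the client's check before the client sends anything keyed by it. It assumes a toy key schedule with server-proves-first ordering rather than the real TLS one, and a constructed identity and PSK.

```python
import hashlib
import hmac
import secrets

# Simplified PSK handshake (assumption: a teaching model, not TLS's real key
# schedule or message order). Only nonces and PSK-keyed MACs cross the wire,
# so a fake server that lacks the PSK cannot produce a valid proof.

def derive_session_key(psk, client_nonce, server_nonce):
    """Bind a per-session key to the PSK and both fresh nonces."""
    return hmac.new(psk, b"session" + client_nonce + server_nonce, hashlib.sha256).digest()

def proof(key, label, transcript):
    """Finished-style MAC over the handshake transcript."""
    return hmac.new(key, label + transcript, hashlib.sha256).digest()

class PskServer:
    """Identity -> PSK table; a phisher is an instance without the victim's entry."""
    def __init__(self, psk_db):
        self.psk_db = psk_db
        self.received = []  # everything the client sent, for inspection

    def respond(self, identity, client_nonce):
        self.received += [identity, client_nonce]
        psk = self.psk_db.get(identity, b"")  # unknown identity -> wrong key
        self.nonce = secrets.token_bytes(16)
        self.key = derive_session_key(psk, client_nonce, self.nonce)
        self.transcript = identity + client_nonce + self.nonce
        return self.nonce, proof(self.key, b"server finished", self.transcript)

    def verify_client(self, client_proof):
        self.received.append(client_proof)
        expected = proof(self.key, b"client finished", self.transcript)
        return hmac.compare_digest(client_proof, expected)

def client_handshake(identity, psk, server):
    """Client checks the server's proof first; on failure nothing keyed by the PSK is sent."""
    client_nonce = secrets.token_bytes(16)
    server_nonce, server_proof = server.respond(identity, client_nonce)
    key = derive_session_key(psk, client_nonce, server_nonce)
    transcript = identity + client_nonce + server_nonce
    if not hmac.compare_digest(server_proof, proof(key, b"server finished", transcript)):
        return False  # server failed to prove it knows the PSK: abort here
    return server.verify_client(proof(key, b"client finished", transcript))

# Constructed sample credential (not a real account)
USER, PSK = b"alice@example.test", b"correct horse battery staple"
genuine = PskServer({USER: PSK})
phisher = PskServer({})  # looks like the site but holds no PSK for alice
```

The protection only holds for a client that enters the PSK into this exchange and nowhere else; a pretty HTML form outside it, which is Steve's point, never reaches this code at all.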