[17356] in cryptography@c2.net mail archive
Re: What happened with the session fixation bug?
daemon@ATHENA.MIT.EDU (Ben Laurie)
Sat Jun 4 12:13:12 2005
X-Original-To: cryptography@metzdowd.com
Date: Sat, 04 Jun 2005 10:33:36 +0100
From: Ben Laurie <ben@algroup.co.uk>
To: "James A. Donald" <jamesd@echeque.com>
Cc: cryptography@metzdowd.com, cypherpunks@lne.com
In-Reply-To: <4291A456.20834.19090CB@localhost>
James A. Donald wrote:
> --
> James A. Donald:
>
>>>PKI was designed to defeat man in the middle attacks
>>>based on network sniffing, or DNS hijacking, which
>>>turned out to be less of a threat than expected.
>>>
>>>However, the session fixation bugs
>>>http://www.acros.si/papers/session_fixation.pdf make
>>>https and PKI worthless against such man in the
>>>middle attacks. Have these bugs been addressed?
>
>
> On 20 May 2005 at 23:21, Ben Laurie wrote:
>
>>Do they exist? Certainly any session ID I've ever had
>>a hand in has two properties that strongly resist
>>session fixation:
>>
>>a) If a session ID arrives, it should already exist in
>>the database.
>>
>>b) Session IDs include HMACs.
>
>
> The way to beat session fixation is to issue a
> privileged and impossible to predict session ID in
> response to a correct login.
>
> If, however, you grant privileges to a session ID on the
> basis of a successful login, which is in fact the usual
> practice, you are hosed. The normal programming model
> creates a session ID, then sets variables and flags
> associated with that session ID in response to forms
> submitted by the user. To prevent session fixation, you
> must create the session ID with unchangeable privileges
> from the moment of creation.
Why? I suspect you are thinking of an attack other than session
fixation. How does your attack work?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
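Editorial example added to this archive page; it is not code from the thread or from either author. It models the two properties Ben Laurie lists (an arriving session ID must already exist server-side, and IDs carry an HMAC) and the remedy James Donald describes (a fresh, unpredictable ID issued on a correct login, instead of upgrading the pre-login ID in place), and puts the "usual practice" login path beside the reissuing one so the difference is visible. The store layout, key, ID format and function names are all constructed for the illustration.

```python
"""Session handling that resists session fixation (constructed example)."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

# Constructed demo key; a deployment loads this from protected configuration.
SERVER_KEY = b"constructed-demo-key-do-not-reuse"
TOKEN_BYTES = 16  # 128 bits of randomness per ID


@dataclass
class Session:
    authenticated: bool = False
    user: Optional[str] = None


class SessionStore:
    """Server-side session table keyed by '<random token>.<HMAC-SHA256(token)>'."""

    def __init__(self, key: bytes = SERVER_KEY) -> None:
        self._key = key
        self._sessions: dict[str, Session] = {}

    def _mac(self, token: str) -> str:
        return hmac.new(self._key, token.encode(), hashlib.sha256).hexdigest()

    def _mint(self) -> str:
        token = secrets.token_hex(TOKEN_BYTES)  # unpredictable to the client
        return f"{token}.{self._mac(token)}"

    def create(self) -> str:
        """Anonymous (pre-login) session, as handed out on a first visit."""
        sid = self._mint()
        self._sessions[sid] = Session()
        return sid

    def lookup(self, sid: str) -> Optional[Session]:
        """Return the record for sid, or None if the ID is not acceptable.
        The HMAC stops a client from constructing an ID of its own choosing;
        the store check stops an ID the server never issued (or has since
        retired) from being honoured."""
        token, sep, mac = sid.partition(".")
        if not sep or not hmac.compare_digest(mac.encode(), self._mac(token).encode()):
            return None  # property (b): missing or bad HMAC
        return self._sessions.get(sid)  # property (a): must already exist

    def login_upgrade_in_place(self, sid: str, user: str) -> Optional[str]:
        """The usual practice the thread warns about: keep the presented ID
        and flip flags on it. Whoever knew the ID before login now holds an
        authenticated session."""
        sess = self.lookup(sid)
        if sess is None:
            return None
        sess.authenticated, sess.user = True, user
        return sid

    def login_reissue(self, sid: str, user: str) -> Optional[str]:
        """The remedy: on a correct login, retire the presented ID and mint a
        new privileged one. Privileges are fixed at creation and never
        attached to an ID the client already held."""
        if self.lookup(sid) is None:
            return None
        del self._sessions[sid]  # the old ID stops working entirely
        new_sid = self._mint()
        self._sessions[new_sid] = Session(authenticated=True, user=user)
        return new_sid


def fixation_demo() -> dict:
    """Run both login paths from a pre-login ID that a third party could
    already know, and report what that ID is worth afterwards."""
    results = {}
    for name, login in (("upgrade_in_place", SessionStore.login_upgrade_in_place),
                        ("reissue", SessionStore.login_reissue)):
        store = SessionStore()
        known_id = store.create()  # ID observed before login
        returned_id = login(store, known_id, "alice")
        old = store.lookup(known_id)
        results[name] = {
            "old_id_still_valid": old is not None,
            "old_id_authenticated": bool(old and old.authenticated),
            "new_id_differs": returned_id != known_id,
        }
    return results


def rejects_unknown_ids() -> bool:
    """Both a forged MAC and a well-formed ID the server never stored are refused."""
    store = SessionStore()
    forged_mac = secrets.token_hex(TOKEN_BYTES) + "." + "00" * 32
    never_issued = store._mint()  # valid MAC, but absent from the store
    return store.lookup(forged_mac) is None and store.lookup(never_issued) is None


if __name__ == "__main__":
    for path, outcome in fixation_demo().items():
        print(path, outcome)
    print("rejects unknown IDs:", rejects_unknown_ids())
```

Running it shows the point of the exchange: with the in-place upgrade the pre-login ID is still valid and now authenticated, while with reissue that ID is dead and the only privileged ID is one the client first sees after logging in. Properties (a) and (b) on their own do not prevent the in-place path from being abused; the reissue on privilege change is what closes it.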