[6272] in cryptography@c2.net mail archive
Re: Ten Risks of PKI
daemon@ATHENA.MIT.EDU (Jaap-Henk Hoepman)
Tue Dec 14 11:43:33 1999
To: cryptography@c2.net
In-Reply-To: lcs Mixmaster Remailer's message of "13 Dec 1999 18:40:02 -0000"
From: Jaap-Henk Hoepman <hoepman@cs.utwente.nl>
Date: 14 Dec 1999 09:21:57 +0100
Message-ID: <kp4sdmue3e.fsf@utip151.cs.utwente.nl>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
On 13 Dec 1999 18:40:02 -0000 lcs Mixmaster Remailer <mix@anon.lcs.mit.edu> writes:
> > > While this is true, keep in mind that there is more to mounting
> > > a successful cryptographic attack than adding root keys and fake
> > > certificates. It is also necessary to intercept the messages which
> > > might have gone to the legitimate recipient, and possibly decrypt and
> > > re-encrypt them. All this implies an attacker who has at least temporary
> > > write access to the victim's computer, and long term read/write control
> > > over the communication channels he will use.
> >
> > I do not believe this attack requires "long term read/write" access to
> > the victim's computer. If I want to get a forged certificate into a
> > clients Browser all I have to do is convince the user to browse my
> > secure server with Netscape (or another browser) that will prompt the
> > user to install my unrecognized root certificate.
>
> That's a good point, most browsers are configured to make it easy to
> install root certificates.
>
> However this is just the first step in an effective compromise. Now you
> need to get him to use a bogus certificate when he thinks he is using
> a good one. He tries to connect to a secure site, and you need to step
> in and play man in the middle. You must hijack his connection to, say,
> www.amazon.com, and direct it to your own site. Then you can offer your
> bogus cert for www.amazon.com and get it accepted.
Alternatively, the attacker could just register the domain anazon.com (if only
amazon.con were possible :-) or amazon.be ("Look, Amazon's just started a
Belgian branch!"), issue a certificate for that site, and start spreading
banner ads and URL's for this domain.
Jaap-Henk
--
Jaap-Henk Hoepman | Come sail your ships around me
Dept. of Computer Science | And burn these bridges down
University of Twente | Nick Cave - "Ship Song"
Email: hoepman@cs.utwente.nl === WWW: www.cs.utwente.nl/~hoepman
Phone: +31 53 4893795 === Secr: +31 53 4893770 === Fax: +31 53 4894590
PGP ID: 0xF52E26DD Fingerprint: 1AED DDEB C7F1 DBB3 0556 4732 4217 ABEF
