[7594] in cryptography@c2.net mail archive
Re: A proposal for secure videoconferencing and video
daemon@ATHENA.MIT.EDU (James A. Donald)
Fri Jul 28 08:11:19 2000
Message-Id: <4.3.1.2.20000727211623.026ed8f8@shell11.ba.best.com>
Date: Thu, 27 Jul 2000 22:18:02 -0700
To: Steve Reid <sreid@sea-to-sky.net>, "James A. Donald" <jamesd@echeque.com>
From: "James A. Donald" <jamesd@echeque.com>
Cc: Eugene Leitl <eugene.leitl@lrz.uni-muenchen.de>, coderpunks@toad.com,
cryptography@c2.net
In-Reply-To: <20000727170204.A420@grok.localnet>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
--
At 05:02 PM 7/27/2000 -0700, Steve Reid wrote:
> Someone can pull off a man-in-the-middle attack without having to
> "put on make up, [and] declare himself to be the other person". I
> think MITM could be done effectively against your protocol without
> requiring special help from the server. Some trivial misdirection
> is all that is required...
>
> [...]
>
> Mallory sends The Real Alice an email claiming to be from The
> Real Bob (this can be done with the usual spoofing) , telling Alice
> that she can contact "him" as "Bob'"
Mallory can do this, but he cannot do it safely. The likelihood of
exposure is very high, and the longer the deception continues, the greater
the prospect it will be exposed.
With email, one needs multiple addresses. With a presence protocol, one
does not. One's presence connection follows one around, wherever one may
be. hence "contact me as YYYY@XXXX" messages are unusual and worthy of
mention.
If this is Alice's first contact with Bob through the secure protocol, she
will surely mention how she obtained his address, exposing Mallory.
If this is one of many contacts, the fact that Bob is allegedly changing
his address will be unusual, and worthy of comment, resulting in a
substantial risk of exposure to Mallory.
Alice may well be already on Bob's buddy list by her true account name. If
this is the case, the fact that the person contacting him is not on his
buddy list will draw Bob's attention to the fact that her account name has
mysteriously changed, which he is likely to mention, exposing Mallory.
Suppose Mallory gets away with it once. He cannot go on getting away with
it indefinitely.
Things will get especially difficult for Mallory if Bob and Alice check
into a conference call, into a chat room.
Suppose Bob and Alice want to bring Carol into their discussions. Now
Mallory needs to have anticipated this, and fed both Bob and Alice with a
false address for Carol.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
77nP+A+D30tBirybWdit4bMREKlemeSbbsWOTeFa
4bgXGklB9iCdvrOOFS1Iw/2BB10sCfwZREolawi4V
