[3437] in bugtraq


Re: InterNIC Shenanigans (crypt-pw)

daemon@ATHENA.MIT.EDU (Rogue Agent)
Sat Oct 12 16:47:31 1996

Date: 	Sat, 12 Oct 1996 11:04:13 -0400
Reply-To: Rogue Agent <agent@l0pht.com>
From: Rogue Agent <agent@l0pht.com>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To:  <199610120047.TAA05574@manifold.algebra.com> from "Igor Chudov @
              home" at "Oct 11, 96 07:47:22 pm"

> PGP auth scheme also seems vulnerable to replay attacks.
>
> For example, suppose alice@victim.com sends a signed message to
> hostmaster@internic.net asking him/it to set the nameserver for
> victim.com to box1. Mallory intercepts this message and stores it for
> future attacks.
>
> A year later, Alice decides to move and change a provider, and sends a
> signed message asking to change the domain nameserver to box2.  Mallory
> also intercepts it and finds out that alice is moving.
>
> A month later when Alice thinks that she has changed her nameserver
> successfully, Mallory strikes and re-sends the first message. At this
> time, Alice's domain is effectively disabled because it is served by a
> wrong nameserver.

Easiest way to fix this is to have a Date field inside the clearsigned
text, & make sure InterNIC actually looks at it.

        RA

agent@l0pht.com (Rogue Agent/SoD!/TOS/attb) - pgp key on request
----------------------------------------------------------------
The NSA is now funding research not only in cryptography, but in all areas
of advanced mathematics. If you'd like a circular describing these new
research opportunities, just pick up your phone, call your mother, and
ask for one.
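The fix suggested above, as an added example that is not part of the original post or of any InterNIC code: the request text carries its own Date field, the signature covers that text, and the verifying side checks the signature first, then the freshness of the Date. It also goes one step beyond the post by keeping a record of digests already accepted so a message replayed inside the freshness window is caught as well. Assumptions: an HMAC over the request text stands in for the PGP clearsign (the real check would verify the PGP signature against the domain contact's key); the field names, the one-day freshness window and all dates are constructed for the demonstration.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

# Constructed demo key; stands in for Alice's PGP key (assumption, not real PGP).
SECRET = b"constructed-demo-key-not-a-real-secret"
FRESHNESS = timedelta(days=1)        # constructed acceptance window for the Date field
CLOCK_SKEW = timedelta(minutes=5)    # tolerate slightly future timestamps


def build_request(domain, nameserver, when):
    """Canonical request text with the Date field INSIDE the signed region."""
    body = (f"Date: {when.isoformat()}\n"
            f"Domain: {domain}\n"
            f"Nameserver: {nameserver}\n")
    sig = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    return body, sig


class Registrar:
    """Verifier side: signature, then freshness, then replay record."""

    def __init__(self):
        self.nameservers = {}
        self.seen = set()   # digests of requests already acted upon

    def handle(self, body, sig, now):
        expected = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, sig):
            return "rejected: bad signature"       # tampered or unsigned text
        fields = dict(line.split(": ", 1) for line in body.strip().splitlines())
        when = datetime.fromisoformat(fields["Date"])
        if now - when > FRESHNESS or when - now > CLOCK_SKEW:
            return "rejected: stale or future date"  # the Date check from the post
        digest = hashlib.sha256(body.encode()).hexdigest()
        if digest in self.seen:
            return "rejected: replay"              # same signed text seen before
        self.seen.add(digest)
        self.nameservers[fields["Domain"]] = fields["Nameserver"]
        return "accepted"


def scenario():
    """Replays the exact story from the quoted message; returns the outcomes."""
    t0 = datetime(1996, 10, 12, 11, 4, tzinfo=timezone.utc)   # constructed
    reg = Registrar()
    outcomes = []

    # Alice's first request: nameserver -> box1. Mallory records it.
    body1, sig1 = build_request("victim.com", "box1", t0)
    outcomes.append(reg.handle(body1, sig1, t0))

    # A year later Alice moves: nameserver -> box2.
    t1 = t0 + timedelta(days=365)
    body2, sig2 = build_request("victim.com", "box2", t1)
    outcomes.append(reg.handle(body2, sig2, t1))

    # A month after that Mallory re-sends the first message: Date is stale.
    outcomes.append(reg.handle(body1, sig1, t1 + timedelta(days=30)))

    # Replay of the second message an hour after it was accepted: still fresh,
    # but its digest is already on record.
    outcomes.append(reg.handle(body2, sig2, t1 + timedelta(hours=1)))

    # Tampered text with the original signature: fails the signature check.
    outcomes.append(reg.handle(body2.replace("box2", "box3"), sig2, t1))

    return outcomes, reg.nameservers["victim.com"]


if __name__ == "__main__":
    results, ns = scenario()
    for r in results:
        print(r)
    print("final nameserver:", ns)
```

Checking the signature before parsing matters: a forged Date is just more unsigned text if the signature does not cover it, which is why the post insists the field be inside the clearsigned region rather than in the mail header.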
