[PP-main] Technical/implementation matters
joakim at simplemente.net
Sun Mar 5 23:11:18 CET 2000
On Sun, Mar 05, 2000 at 09:56:26PM +0000, Andrew Cooke wrote:
> At 03:25 PM 3/5/00 -0600, you wrote:
> >On Sun, Mar 05, 2000 at 09:05:55PM +0000, Andrew Cooke wrote:
>>> [...] How do you deal with
>>> man-in-the-middle attacks using address spoofing, for example?
>>The only way it's possible to do: Using host signatures.
> This means nothing to me - what's to stop someone sitting between the two
> connections to learn host signatures (whatever they are)? Without a
> description of how the connection is made and verified you can't convince a
> sceptic that the system is secure. Saying that you use "host signatures"
> or known ciphers doesn't mean that it is secure. To convince someone it is
> secure you have to describe the way in which the connection is made. If
> you don't want to call it a protocol, fine, but that description has to be
Uh. I think you should perhaps read up slightly on your cryptography. Host
signatures are the way SSL, SSH, and just about every other crypto system out
there deal with man in the middle attacks. The principle is that you know the
cryptographic signature of the host you're connecting to (in other words, you
assume that the first time you connect to it, there's no man in the middle,
or you get the signature through some other means). Once this is done, the
man in the middle attack isn't possible, since it's cryptographically hard
(to the same level as breaking the actual crypto) for the man in the middle
to forge the signature.
This is the only way I know of to deal with the man in the middle attack, and
as I said, it's used by all the major systems. You're correct, saying that we
use host signatures or known ciphers doesn't mean that the system is secure.
But the code is there, take a look at it, it's quite readable, and the flow
is easy to follow. If reading a description of how the system works is enough
to convince you that it's secure, you don't know crypto. The only way to
determine that is to know the theory, and read the source to check for
implementation mistakes. We've eliminated most of the possible sources of
implementation errors by using the ciphers from a very well-known and
publicly scrutinized source, namely the GPG project.
Of course, there will be documentation in the near future. Harping on about
the relative merits of cryptosystems when you're not a cryptographer seems
slightly useless, though. HTTP has crypto. Flux has crypto. Why not look at
the differences instead?
Joakim Ziegler - simplemente r&d director - joakim at simplemente.net
FIX sysop - free software coder - FIDEL & Conglomerate developer
http://www.avmaria.com/ - http://www.simplemente.net/
More information about the Peerpress-main