Slashdot Mirror

← Back to Stories (view on slashdot.org)

Attacks Against SSH 1 And SSL

Posted by michael on from the only-a-matter-of-time dept.

AndyR writes: "SecurityPortal has a very interesting article by Kurt Seifried in which he writes "dsniff 2.3 allows you to exploit several fundamental flaws in two extremely popular encryption protocols, SSL and SSH." He makes many very strong arguments about key validity and the problem with not having a trusted third party signing keys." Don't throw away SSH just yet, it's still a lot better than nothing.

2 of 170 comments (clear)

  1. just mitm by QuMa · · Score: 5
    It's just a man in the middle attack, hardly worth the electrons it's published with. Anyways, it claims man in the middle is fundamentel to public key is not true. The interlock protocol by rivest and shamir is quite effective against this sort of thing... The following description is quoted from Applied Cryptography by Bruce Schneier, second edition (page 49):

    The interlock protocol, invented by ron rivest and adi shamir, has a good chance of foiling the man-in-the-middle attack. Here's how it works:
    1. Alice sends bob her public key.
    2. Bob sends alice his public key.
    3. Alice encryptions her message using bob's public key. She sends half of the encrypted message to bob.
    4. Bob encrypts his message using alice's public key. He sends half of the encrypted message to alice.
    5. Alice sends the other half of her encrypted message to bob.
    6. Bob puts the two halves of alice's message together and decrypts it with his private key. Bob sends the other half of his encrypted message to alice.
    7. Alice puts the two halves of bob's message together and decrypts it with her private key.
    The improtant point is that half of the message is useless without the other half; it can't be decrypted. Bob cannot read any part of alice's message until step 6; Alice cannot read any part of bob's message until step 7. There are a number of ways to do this:
    • If the encryption algorithm is a block algorithm, half of each block (e.g., every other bit) could be sent in each half message.
    • Decryption of the message could be dependent on an initialisation vector, which could be sent with the second half of the message.
    • The first half of the message could be a one-way hash function of the encrypted message and the encrypted message itself could be the second half.
    To see how this causes a problem for Mallory, let's review his attempt to subvert the protocol. He can still substitute his own public keys for alice's and bob's in steps 1 and 2. But now, when he intercepts half of alice's message in step 3, he cannot decrypt it with his private key and re-encrypt it with bob's public key. he must invent a totally new message and send half of it to bob. When he intercepts half of bob's message to alice in step 4, he has the same problem.
  2. dsniff URL by phaze3000 · · Score: 5

    For those that want to check out dsniff itself, the URL is:

    http://www.monkey.org/~dugsong/dsniff/

    Clever stuff...


    --

    --
    Blaming GW Bush for the Iraq war is like blaming Ronald McDonald for the poor quality of food.