Delayed Password Disclosure
ET_Fleshy writes "Markus Jakobsson has an interesting article discussing a promising new security protocol called "Delayed Password Disclosure" that can validate a computer's authenticity before exchanging passwords/keys. While nothing is ever truly secure, this seems to show promise in protecting users from a wide variety of stealth attacks (pdf) used today, specifically man in the middle (pdf) attacks."
Forgive me for not reading my latest issue of Cryptographer weekly but how on earth is this any different than RSA fingerprints? It looks like the "envelope" and "carbon paper" are just elements of a pre-shared key anyway.
If you know the fingerprint of the host you are connecting to, you are more or less immune from man-in-the-middle attacks. If you have never communicated with the host before, nothing is going to stop a man-in-the-middle - especially if you have to magically share locations of "carbon paper" without the man-in-the-middle knowing about it.
Karma: SELECT `karma` FROM `users` WHERE `userid`=138474;
Note that use of encryption software, such as SSH, does not address this problem, since the attacker simply can replace the public keys of the two parties with public keys for which it knows the secret keys. This results in the two parties sharing keys with the attacker, as opposed to with each other; as a consequence, the attacker will be able to read (and even modify) all traffic before re-encrypting it and forwarding it.
And this is why you always share public keys via some other secure means (USB drive, CD, floppy), at least in an ideal world. The article talks about this in regards to someone transmitting data to their bank; however, if I am not mistaken, SSL (not mentioned in the article) already takes care of this kind of attack. Somehow I doubt any joe user is using SSH to authenticate with their bank :-)
I Am My Own Worst Enemy
I'm no cryptography expert, but the secret positions of the carbon paper need to go into "an envelope only Alice can open". Nowhere in this essay is it explained how this "envelope" is created technologically or how the recipient can interact with it, making the analogy pretty useless (unless I'm missing something). Also, it says that SSH doesn't help with man-in-the-middle attacks, but a third party signing agency, I believe, solves that problem, from what I understand. This "envelope" sounds suspiciously like how quantum cryptography works. Is this just an explanation of "quantum cryptography" without mentioning "quantum cryptography"? I'm confused...
My bank (and probably many others) will block an account after three consecutive failed authentication
This is a big hole for denial of service. Try purposely logging into the bank CEO's account with a bad password, and see how quickly the policy is changed.
X.509 Certificates have been known for ages. There's nothing to see here. Please move along.
You gotta love the banks that utilize a person's social, followed by a four digit pin, and unlimited tries.
I mod down so you can mod up. You're welcome.
First of all, we already have protection in protocols such as SSH and SSL against man-in-the-middle attacks. Thus, the paper's whole reason for existence disappears.
Secondly, the security of this "masking" technique depends upon the randomness of the numbers chosen by the server (and, by implication, any man-in-the-middle). I could send a packet containing all zeroes and it would be guaranteed to sum to zero after applying any mask at all. How does the receiver judge whether the numbers passed are sufficiently random?
Worse yet, as I understood, the guy is trusting his magic envelopes to block the man in the middle attacks. There is no other place where he verifies that there is nobody on the line (simply, the man in the middle can receive the sent message, retransmit, receive the password and retransmit, as men in the middle do).