lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20031213220000.C8628A5@coconut.itojun.org>
Date: Sun, 14 Dec 2003 07:00:00 +0900 (JST)
From: itojun@...jun.org (Jun-ichiro itojun Hagino)
To: tls@....tjls.com
Cc: fw@...eb.enyo.de, aadams@...urityfocus.com,
	bugtraq@...urityfocus.com
Subject: Re: Insecure IKE Implementations Clarification


> On Fri, Dec 12, 2003 at 11:00:31PM +0100, Florian Weimer wrote:
> > Thor Lancelot Simon wrote:
> > 
> > > For what it's worth, the possibility of this general type of attack was
> > > repeatedly discussed in the IPsec working group and is a major reason
> > > why XAUTH was abandoned.  The particular password-stealing attack that I 
> > > describe as been widely discussed among IKE implementors for at least two
> > > years; other implementors probably independently noticed it at least as
> > > early as I did, which was three years ago.
> > 
> > And we have technology deployed that solves exactly the same problem in
> > a reasonable way: SSH.
> 
> Yes and no.  SSH is not, by itself, a network-layer encryption solution,
> and there are many applications where that's really desirable.  The other
> issue is, of course, that SSH's model for authenticating host identities
> is, itself, a mess: in this day and age, it is not acceptable to just
> punt on the problem of first contact and pretend that users will reasonably
> exchange key fingerprints offline.  The widespread success of sniffing
> and MITM attacks on the SSH protocol -- all due to users not doing what
> the protocol, by omitting any means of using a hierarchy or web to validate
> host keys, requires them to do -- should be proof enough of this.

	there are efforts; draft-ietf-secsh-dns-05.txt.

itojun

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ