cryptography  

Re: Who's afraid of Mallory Wolf?

Jeroen C. van Gelderen
Mon, 24 Mar 2003 17:01:07 -0800


On Monday, Mar 24, 2003, at 11:37 US/Eastern, Peter Clay wrote:

On Sun, 23 Mar 2003, Ian Grigg wrote:

Consider this simple fact:  There has been no
MITM attack, in the lifetime of the Internet,
that has recorded or documented the acquisition
and fraudulent use of a credit card (CC).

(Over any Internet medium.) 

How do you view attacks based on tricking people into going to a site
which claims to be affiliated with e.g. Ebay or Paypal, getting them to
enter their login information as usual, and using that to steal money?

It's not a pure MITM attack, but the current system at least makes it
possible for people to verify with the certificate whether or not the site
is a spoof.

Correct. On the other hand, in a lot of cases people cannot be expected to do the verification. This shows in the number of people that can be tricked into being spoofed out of their passwords, even when certificates are deployed. That is not an argument against certificates though, it is (partially) an argument against broken user interfaces.

Just out of interest, do you have an economic cost/benefit analysis for
the widespread deployment of gratuitous encryption?

What makes you say it is gratuitous? Or: how can you state my privacy is gratuitous?

It's just not that important. If your browsing privacy is important,
you're prepared to click through the alarming messages. If the value of
privacy is less than the tiny cost of clicking "accept this certificate
forever" for each site, then it's not a convincing argument for exposing
people who don't understand crypto to the risk of MITM.

This is illogical. Even if a server operator would prefer to allow unauthenticated encryption, he cannot do so without annoying 90% of his customers because they too will be getting these alarming messages. In general, if my browsing privacy is important to me and the server operator is willing to accomodate me, he cannot do so.

This however still does not constitute an argument against certificates. It can be morphed as an argument against browsers not supporting Anonymous-DH. (Note that I'm favoring treating sites offering ADH the same as sites offering a certificate. Each offers different functionality which should be distinguishable in the GUI.)

Cheers,
-J
--
Jeroen C. van Gelderen - [EMAIL PROTECTED]

                The python
           has, and I fib no fibs,
             318 pairs of ribs.
      In stating this I place reliance
  On a séance with one who died for science.
    This figure is sworn to and attested;
    He counted them while being digested.
            -- Ogden Nash


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]