* Jonathan Thornburg:

> Ahh, but how do you know that the transaction actually sent to the
> bank is the same as the one you thought you authorized with that OTP?
> If your computer (or web browser) has been cracked, you can't trust
> _anything_ it displays.  There are already viruses "in the wild"
> attacking German online banking this way:
>   http://www.bsi.bund.de/av/vb/pwsteal_e.htm

Of course you don't.  In some sense, the next-generation security
technology which U.S. banks plan to roll out (either voluntarily, or
due to regulation) has already been broken in Germany.

If you bring the topic up in discussions, the usual answer is "don't
MITM me!" (meaning: "Don't mention man-in-the-middle attacks,
including compromised customer systems, because you know we can't
defend against them! This is not fair!").  But this is not a valid
response when experience shows that the relevant attacks *are* MITM

> I also don't trust RSAsafe or other such "2-factor authentication"
> gadgets, for the same reason.

I'm always glad to read someone who agrees with me on this matter. 8-)

I don't understand why almost everyone is in a frenzy to deploy them.
If you can somehow weasel through the next 6 months or so, it will be
completely non-repudiatable that transactions covered by two-factor
authentication are fully repudiatable.  You can save a lot of money
(including your customers' money) if you manage to skip this
technology cycle.  The only problem could be that the media and
security experts smack you if you don't deploy the same, broken
countermeasures everyone else does.

By the way, one interesting aspect of the online banking problem is
its implications for threat modelling, attack trees, and similar
approaches.  It would be interesting to compare a few models and why
they fail to adequately describe the situation.  My hunch is that
these models do not take two factors into account: Attacks aren't
targeted by the cost/revenue alone, tradition plays a major role, too,
as does sheer luck.  And you are caught in a feedback loop; the
attacks change as you deploy new countermeasures, and the changes are
mostly unpredictable.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to