David Molnar <[email protected]> writes:

> Service from a group at CMU that uses semi-trusted "notary" servers to
> periodically probe a web site to see which public key it uses. The notaries
> provide the list of keys used to you, so you can attempt to detect things
> like a site that has a different key for you than previously shown to all of
> the notaries. The idea is that to fool the system, the adversary has to
> compromise all links between the target site and the notaries all the time.
I think this is missing the real contribution of Perspectives, which (like almost any security paper) has to include a certain quota of crypto rube-goldbergism in order to satisfy conference reviewers. The real value isn't the multi-path verification and crypto signing facilities and whatnot but simply the fact that you now have something to deal with leap-of-faith authentication, whether it's for self-generated SSH or SSL keys or for rent-a-CA certificates. Currently none of these provide any real assurance since a phisher can create one on the fly as and when required. What Perspectives does is guarantee (or at least provide some level of confidence) that a given key has been in use for a set amount of time rather than being a here-this-morning, gone-in-the-afternoon affair like most phishing sites are. In other words a phisher would have to maintain their site for a week, a month, a year, of continuous operation, not just set it up an hour after the phishing email goes out and take it down again a few hours later.

For this function just a single source is sufficient, thus my suggestion of Google incorporating it into their existing web crawling. You can add the crypto rube goldberg extras as required, but a basic "this site has been in operation at the same location with the same key for the past eight months" is a powerful bar to standard phishing approaches; it's exactly what you get in the bricks-and-mortar world, where "Serving the industry since 1962" goes a lot further than "Serving the industry since just before lunchtime".

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [email protected]
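The key-continuity check the thread is discussing, as an added illustration that is not code from the mailing list or from the Perspectives project: a log of notary sightings (host, key fingerprint, date) is consolidated into per-host key histories, and a client then asks whether the key it has just been offered has been seen stably for at least a minimum period, is still being seen, and is what the notaries currently see. The hosts, fingerprints, notary names and dates are constructed sample data; the thresholds and verdict names are assumptions made for this example.

```python
from collections import defaultdict
from datetime import date

MIN_DAYS = 30        # a key must have been observed at least this long to earn trust (assumed threshold)
MAX_STALE_DAYS = 7   # a last sighting older than this means the record no longer says anything current

# Constructed sample notary log (hypothetical hosts, fingerprints and notaries):
# (notary, host, key_fingerprint, observation_date)
SAMPLE_OBSERVATIONS = [
    ("notary-1", "bank.example", "A1", date(2008, 1, 5)),
    ("notary-2", "bank.example", "A1", date(2008, 1, 6)),
    ("notary-3", "bank.example", "A1", date(2008, 1, 7)),
    ("notary-1", "bank.example", "A1", date(2008, 8, 30)),
    ("notary-2", "bank.example", "A1", date(2008, 8, 30)),
    ("notary-3", "bank.example", "A1", date(2008, 8, 30)),
    # a site that appeared two days ago: a here-this-morning key
    ("notary-1", "newsite.example", "B2", date(2008, 8, 30)),
    ("notary-1", "newsite.example", "B2", date(2008, 8, 31)),
    # a long-lived key, but one notary now sees something different
    ("notary-1", "shop.example", "C3", date(2008, 2, 1)),
    ("notary-2", "shop.example", "C3", date(2008, 2, 1)),
    ("notary-3", "shop.example", "C3", date(2008, 2, 1)),
    ("notary-1", "shop.example", "C3", date(2008, 8, 31)),
    ("notary-2", "shop.example", "C3", date(2008, 8, 31)),
    ("notary-3", "shop.example", "D4", date(2008, 8, 31)),
]


def build_histories(observations):
    """Consolidate raw sightings into
    host -> fingerprint -> {"first": date, "last": date, "notaries": set}
    plus the most recent sighting per (host, notary), used to detect notaries
    that currently disagree with the key a client was offered."""
    hist = defaultdict(dict)
    latest = {}  # (host, notary) -> (date, fingerprint)
    for notary, host, fp, day in observations:
        rec = hist[host].setdefault(fp, {"first": day, "last": day, "notaries": set()})
        rec["first"] = min(rec["first"], day)
        rec["last"] = max(rec["last"], day)
        rec["notaries"].add(notary)
        prev = latest.get((host, notary))
        if prev is None or day > prev[0]:
            latest[(host, notary)] = (day, fp)
    return dict(hist), latest


def evaluate(histories, host, offered_fp, today,
             min_days=MIN_DAYS, max_stale_days=MAX_STALE_DAYS):
    """Judge the key a client was just offered for `host` against notary history.
    Returns a dict with a verdict, the number of days the key has been observed
    (first to last sighting), and the notaries whose latest sighting disagrees."""
    hist, latest = histories
    if host not in hist:
        return {"verdict": "unknown_host", "days_observed": 0, "disagreeing": []}
    # notaries whose most recent view of this host is a different key
    disagreeing = sorted(n for (h, n), (_, fp) in latest.items()
                         if h == host and fp != offered_fp)
    rec = hist[host].get(offered_fp)
    if rec is None:
        # the notaries have never seen this key for this host
        return {"verdict": "key_mismatch", "days_observed": 0, "disagreeing": disagreeing}
    days = (rec["last"] - rec["first"]).days
    if (today - rec["last"]).days > max_stale_days:
        verdict = "stale"            # history exists but is too old to vouch for anything now
    elif disagreeing:
        verdict = "disagreement"     # some notaries currently see a different key
    elif days < min_days:
        verdict = "too_new"          # the key is real but has not been around long enough
    else:
        verdict = "ok"
    return {"verdict": verdict, "days_observed": days, "disagreeing": disagreeing}


if __name__ == "__main__":
    histories = build_histories(SAMPLE_OBSERVATIONS)
    today = date(2008, 9, 1)
    for host, fp in [("bank.example", "A1"), ("bank.example", "ZZ"),
                     ("newsite.example", "B2"), ("shop.example", "C3"),
                     ("other.example", "E5")]:
        print(host, fp, evaluate(histories, host, fp, today))
```

The "too_new" verdict is the one Peter's argument rests on: a single crawler recording first-seen dates is enough to produce it, while "disagreement" and "key_mismatch" are what the multi-notary machinery adds on top.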
