Note that SSH is vulnerable to a Man in the Middle attack (not meet in
the middle -- that is an attack on 2DES where you attack from the
input and output and then "meet in the middle").  In particular SSH is
vulnerable if you do NOT have the long-term server key cached on the

That notwithstanding, I think that Ian is just upset about
paying for an SSL Cert and wants a way to setup an SSL/TLS server
without paying homage to one of the Big Three (or is it down
to Big One at this point?).  Ignore the fact that he could
use self-signed certs and be as secure as SSH.


"Perry E. Metzger" <[EMAIL PROTECTED]> writes:

> I have to say I've watched this with a bit of puzzlement.
> Meet in the middle attacks are perfectly real. I've seen them myself,
> and toolkits to perform them are readily available out there. Ian's
> vague comments about a lack of evidence of the economic impact
> notwithstanding, it is unreasonable to leave one's protocols and
> systems open to such attacks.
> You do not need an elaborate CA infrastructure to prevent them, of
> course. SSH manages to prevent them simply by having both sides sign
> exchanges using naked (i.e. uncertified) keys that are pre-shared, for
> example. Even use of MACs over exchanged values and pre-shared
> conventional keys can prevent many such attacks.
> However, not attempting to prevent such attacks -- especially given
> that they are very effective -- seems foolish at best.

       Derek Atkins
       Computer and Internet Security Consultant

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to