+1 with a cherry on top! A cipher is a device for converting a plaintext distribution problem into a key distribution problem.
An ephemeral key-agreement protocol (e.g., Diffie-Hellman) is a device for converting a key distribution problem into an authentication problem. Therefore, authentication is primary. One could say that unauthenticated encryption converts a passive eavesdropping attack into an active man-in-the-middle attack. On 02/27/2011 12:58 PM, bk wrote: > > - If you have the ability to sniff unencrypted traffic, you also have > the ability to hijack unauthenticated HTTPS traffic, it just that > simple. Of the population of people who login to a computer and try to protect information, the percentage of those who have ever used tcpdump or Wireshark is very small. Of those who have looked at a packet capture, the percentage who have ever experimented with active network attack tools is even smaller. Nevertheless, there are off-the-shelf systems that will do it at production scale. Most of us find it much easier to obtain and view a pcap than set up an active man-in-the-middle attack scenario. So converting the attacker from a passive eavesdropper to an active on-line attacker (who probably had to plan ahead a little bit) sure seems like it would represent an increase in security. And maybe it is if you're only defending against the random internet malware of today. But it's of little use if you need to be concerned about a targeted attack (i.e., you have, know, or are something worth defending). Just ask the Iranian government or the Tunisian people. > - ENCRYPTION IS POINTLESS WITHOUT AUTHENTICATION Maybe it's even worse than pointless. 1. Insufficiently-authenticated encryption inevitably gives a false sense of security. 2. Encryption can cause open vulnerabilities to be hidden to passive network monitoring systems. 3. But attackers are not constrained to be passive. Encryption can cause active, ongoing attacks to be hidden from monitoring. Humans, like all living things, have over millions of years evolved sophisticated built-in mechanisms for recognizing each other. We have so much authentication going on at an automatic level that we find it very difficult to judge the magnitude of the task. This is exactly the type of situation that favors the hackers, pentesters, and dictators of countries where the ISPs operate under the Ministry of Information. Let's not make it so easy that it takes all the fun out of it for them. - Marsh _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
