> 1. Give your public key to anyone who wants it (email, whatever...)
> 2. Create an SSL connection from client to server.
> 3. Verify that the server is who you think it is (via the public key)
>    (client can now trust server)
> 4. Pass an encrypted token to the client (encrypted with client password)
> 5. Client decrypts and replies with the decrypted token (server can
>    now trust client)

Not bad, this would at least work.  It is more hassle for my users, and
less secure, but it beats nothing which is what I have now.

You see, there are some other nice things about hacking the code that, I
confess, I did not mention to you earlier.

First, it is much better to generate new private and public keys for
each session.  (Hmm, I see you mention this too, later.)  It means that
an intruder only has a few seconds to attempt brute force till the connection
is made, then he has other problems breaking in.  I don’t know the system
well enough to say just how hard that would be, but I suspect it is real
hard.  In any event, it only gets him the one session.  He has to do
it all over again on the next session.  If sessions are relatively short,
his job is even harder.

Second, it is just more convenient not to ask users to have to deal with
public keys in addition to usernames/passwords.



> As long as you can authenticate the certificate sent by the server
> from some CA (could be as simple as already having the certificate in
> your client's personal CA) I am a bit at a loss as to how someone would
> implement a MIM attack. Now you've really got me curious as to what I
> missed in this. I can't claim in any way to be an expert on the subject
> (having never contributed anything significant to the openSSL movement)
> so please let me know if there is a hole in my thinking here, I'm always
> trying to learn more about SSL and crypto in general.



Ug, I knew you would ask that.  I spent a little while looking for the
references on the web, but could not re-discover them.  There were two
scenarios for slightly different situations.  If you are -real- curious,
I am sure you can find it.  One of the ways was to spoof the CA, I think,
though your suggestion of having it contained on the client machine may
help, except: How did it get there securely?

You are right, it is better if the server has a certificate, but that
only gave medium protection.  I was not real interested because I knew
I did not want certificates for my application, sorry.

-Corky
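Steps 4 and 5 of the scheme quoted at the top of this message, worked through as an added example that is not code from this thread or from OpenSSL. It assumes the client password is stretched with PBKDF2-SHA256, the server's token is encrypted by XOR with an HMAC-SHA256 keystream under a per-token nonce, the token is fresh and single-use per session (the per-session point made above), and all sample values are constructed.

```python
import hashlib
import hmac
import os

KDF_ITERATIONS = 200_000  # assumed work factor; slows offline brute force on the password


def derive_key(password: str, salt: bytes) -> bytes:
    """Stretch the client password into a 32-byte key (PBKDF2-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ITERATIONS)


def xor_keystream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt by XOR with HMAC-SHA256(key, nonce || counter) blocks.
    A (key, nonce) pair must never be reused, so the server draws a fresh nonce per token."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hmac.new(key, nonce + (offset // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


class Server:
    def __init__(self, salt: bytes, password_key: bytes):
        # The server keeps only the salt and the stretched key, never the password itself.
        self.salt = salt
        self.key = password_key
        self.pending = None

    def step4_challenge(self) -> tuple[bytes, bytes, bytes]:
        """Step 4: send (salt, nonce, encrypted token); the token is random and single-use."""
        self.pending = os.urandom(32)
        nonce = os.urandom(16)
        return self.salt, nonce, xor_keystream(self.key, nonce, self.pending)

    def step5_verify(self, reply: bytes) -> bool:
        """Step 5 (server side): accept only the exact pending token, compared in constant time."""
        ok = self.pending is not None and hmac.compare_digest(reply, self.pending)
        self.pending = None  # single use: a captured reply cannot be replayed later
        return ok


def client_step5(password: str, salt: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    """Step 5 (client side): decrypt the token with the password-derived key and return it."""
    return xor_keystream(derive_key(password, salt), nonce, ciphertext)


def run_handshake(enrolled_password: str, typed_password: str) -> bool:
    """Full steps 4-5 over an already server-authenticated channel; True only if passwords match."""
    salt = os.urandom(16)
    server = Server(salt, derive_key(enrolled_password, salt))
    salt, nonce, ciphertext = server.step4_challenge()
    return server.step5_verify(client_step5(typed_password, salt, nonce, ciphertext))
```

Because the token is random per session and discarded after one check, a reply observed in one session is useless in the next, which is the property the per-session argument above relies on.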





______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
