On Fri Mar 6 14:42:50 2009, Eric Rescorla wrote:
You MITM the initial connection, then wait for one side to offer his
proof. You then simulate a failure, crack the password, and move
on. Note that if the password is short enough, you can crack it in
real time and move on.
Right, I see.
Surely if I'm talking to Peter, and arrange a shared secret, and then
I find Peter rejects it, I'm going to tell him pretty quickly? I
accept it's possible to circumvent, and there'll be issues with
hardware doing this, though.
>> I heard suggestions of 4 digit PINs. Those can be bruteforced in
less than
>> a second.
>
> Still needs time travel to make this attack work, doesn't it?
No.
This is certainly going to be harder to deal with - the 4-digit pins
are really related to hardware and other such dumb devices. I'd guess
that with SRP, the timescales are simply going to be a bit longer,
though?
Dave.
--
Dave Cridland - mailto:[email protected] - xmpp:[email protected]
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
