Loading ...
Sorry, an error occurred while loading the content.

Re: [p2p-hackers] Re: [rest-discuss] Re: RESTful authorization

Expand Messages
  • Laurian Gridinoc
    Hello ... The issue is how does the client know that the login page with the above javascript was not modified by the MITM? There is an ongoing discussion on
    Message 1 of 3 , Sep 30, 2005
    • 0 Attachment
      Hello

      On 9/30/05, Lucas Gonze <lgonze@...> wrote:
      > Given that:
      > The client has received at least one ID by secure means, and the client
      > wants to fetch the corresponding representation.
      > SSL/TLS is not available.
      > The client has javascript.
      > On the client:
      > $salt = newRandomNumber();
      > $hashed = hash(concat($id,$salt))
      > $representation = GET /mapper?hashed=$hashed&salt=$salt
      > [...]

      The issue is how does the client know that the login page with the
      above javascript was not modified by the MITM?

      There is an ongoing discussion on webappsec@... about
      "Must we authenticate login forms (using SSL?)?" see below a nice
      issue about challenge-response and MITM:

      ---------- Forwarded message ----------
      From: Rogan Dawes <discard@...>
      Date: Sep 30, 2005 11:54 AM
      Subject: Re: Must we authenticate login forms (using SSL?)?
      Cc: Web Application Security <webappsec@...>

      [...]

      The core problem with any security mechanism that is implemented using
      "stuff" (Javascript, Java applet, etc) that is downloaded from the
      server that you are visiting is that any man in the middle attack can
      simply remove that mechanism, and substitute it with their own.

      e.g. My bank logon script performs an MD5 hash of the username and
      password before sending it to the bank. The MITM tricks me to visiting
      their own site, and just "proxies" the comms to the real site. However,
      they strip out the MD5 hashing script,and replace it with an "identity"
      function (i.e. the output is the same as the input). When the MITM
      receives the form submission, it is trivial for them to extract the
      username and password from the form, replace it with the MD5 hash
      expected, and pass it on to the real bank.

      I had started implementing/experimenting with using Secure Remote
      Password (http://srp.stanford.edu/) for authentication to a secure web
      site, with the idea that the password is never transmitted in clear, or
      in a recoverable form. However, this stumbling point convinced me that
      I'd be wasting my time!

      One reason that SSL client certs offer real protection is that they are
      not controllable by page content, and do not rely on something that
      comes down from the site you are visiting.

      Regards,

      Rogan
      ---------- End Forwarded message ----------
    Your message has been successfully submitted and would be delivered to recipients shortly.