On Mon, 14 Oct 2002 12:32:23 EDT, Joe Baptista said:
You mentioned two security protocols above - well they have proven to be
vulnerable.
http://search.cert.org/query.html?col=allcert&col=certadv&col=incnotes&col=research&col=secimp&col=techtips&col=trandedu&col=vulnotes&ht=0&qp=&qt=KDC&qs=&qc=&pw=100%25&ws=1&la=en&qm=0&st=1&nh=25&lk=1&rf=2&rq=0&si=1
http://search.cert.org/query.html?rq=0&ht=0&qp=&qs=&qc=&pw=100%25&ws=1&la=&qm=0&st=1&nh=25&lk=1&rf=2&oq=&rq=0&si=1&col=allcert&col=trandedu&col=vulnotes&col=techtips&col=research&col=certadv&col=incnotes&col=secimp&qt=kerberos
And your point is?
The fact that they're vulnerable doesn't prove your thesis. If anything,
it proves that they were (a) thought of and (b) designed (since otherwise
they'd not exist and therefor wouldn't be vulnerable). Also, it proves that
(c) they were generally considered secure enough that it was worth putting
out a CERT on it (if they had been TOTAL swiss cheese, it wouldn't matter).
Thats exactly my point. I have yet to see anything that can't be
compromised.
I am afraid that if you're waiting for "can't be compromised", you are in
for a VERY long wait. Serious security professionals know that anything CAN
be compromised - the requirement is that it be merely secure enough to deter
an attacker. For instance, a GSA Class 5 cabinet or vault is rated to
store classified material, but is *NOT* impervious to attack. It is merely
required to stand up to a certain amount of time (10 hours for surreptitious
and 15 minutes brute-force, if I remember correctly). The theory is that
if you try to be quiet about it, you'll still be trying to crack it when
the next shift shows up in the morning, and if you brute-force it, you'll
make enough noise that the Marine guard will come and investigate.
Depending on the type of traffic that Carnivore is being used to
intercept, I doubt that the transition to v6 form v4 will be a
concern, absent use of IPsec or S/MIME or SSL/TLS.
I'm not sure what you mean here.
He means that v4 versus v6 won't matter a hill of beans to Carnivore,
what will matter to its data gathering is whether IPSec or other suitable
crypto is used *on top of* the v4/v6 connection.
IPsec does not make IP "less prone to man in the middle interception
..." It makes v4 and v6 immune to such interception. IPv6 will NOT do
IPsec does not make any system immune from man in the middle interception.
Maybe the transmitted data is immune from your average joe in the middle
but not from those who can and have the resources to decrypt these
transmissions. That is after all what intel (intellegence communities) do
as a standard part of their business. Granted IPsec makes it more costly
to view the stream - but not impossible. There is no such thing as an
immune protocol.
OK. I'll grant you that. However, I suggest you look at the amount of
resources needed to actually brute-force decrypt an IPSec connection
when using the recommended algorithms and key lengths - and then ask yourself
whether your threat model includes that scale attack (hint - 3DES isn't twice
as hard to break as single-DES, it's 2^56 or 72,057,594,037,927,936 times
harder. Now, if the EFF DES-breaker cost $250K, you'll need that many of
them - which is well over the US GNP. Which three-letter-agency wants to
spend that much on you, and if it's THAT important, why won't they just
engage in what Marcus Ranum calls "rubber hose cryptography"?
Also, you seem to be confused regarding passive sniffing and what
everybody else considers a Man In The Middle attack, which is an ACTIVE
attack where you simultaneously spoof 2 connections...
I would suggest you read and understand *both* Schneier's "Applied Cryptography"
*and "Secrets and Lies" - they'll probably clarify many things for you.
--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
pgp6LC7KGT18j.pgp
Description: PGP signature