Re: [atoca] New Version Notification for draft-barnes-atoca-escape-01.txt

Andrew Chi <achi@bbn.com> Wed, 12 September 2012 15:27 UTC


On 9/11/2012 4:22 PM, Brian Rosen wrote:
> The token scheme is not foolproof because an attacker might be able to forge a token value that matches the hash (it could know all the hashes, since it might be a recipient too). Thus, you use the hash test to do trivial discard, and then if you have something that the token check says is valid, then you do the real public key signature check to make sure it's valid.

Slight fix to this statement: forging a token value won't happen since 
that requires computing a pre-image to a cryptographic hash function. 
What *could* happen is that an active MITM could intercept a message 
that already contains a legitimate token, and modify the body while 
leaving the token.  So IMO we still need a signature.
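
The point made in this reply, as an added example that is not part of the original message or of the draft: a token that matches a known hash passes the cheap filter even after the body has been changed in transit, and only a signature covering the body catches the change. Assumptions: the token check is modeled as SHA-256 of the token compared against hashes the recipient already holds, a Lamport one-time signature stands in for the real public key signature so the block runs with the standard library only, and all function names and the sample message are constructed.

```python
import hashlib, os

def H(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()

def token_ok(msg: dict, known_hashes: set) -> bool:
    # Assumed token scheme: recipients hold H(token) in advance.
    return H(msg["token"]) in known_hashes

# Lamport one-time signature (hash-based), a stand-in for the public key check.
def lamport_keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def bits(data: bytes):
    d = H(data)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def lamport_sign(sk, data: bytes):
    return [sk[i][bit] for i, bit in enumerate(bits(data))]

def lamport_verify(pk, data: bytes, sig) -> bool:
    return all(H(s) == pk[i][bit] for i, (s, bit) in enumerate(zip(sig, bits(data))))

def accept(msg: dict, known_hashes: set, pk) -> str:
    # Step 1: cheap hash test, used only for trivial discard.
    if not token_ok(msg, known_hashes):
        return "discard: token"
    # Step 2: signature over token and body (token is fixed length here,
    # so plain concatenation is unambiguous).
    if not lamport_verify(pk, msg["token"] + msg["body"], msg["sig"]):
        return "reject: signature"
    return "accept"

def demo() -> dict:
    sk, pk = lamport_keygen()
    token = os.urandom(16)
    known = {H(token)}
    body = b"constructed sample alert: shelter in place"
    msg = {"token": token, "body": body, "sig": lamport_sign(sk, token + body)}
    tampered = dict(msg, body=b"constructed sample alert: all clear")  # token kept
    random_token = dict(msg, token=os.urandom(16))  # no pre-image of a known hash
    return {
        "genuine": accept(msg, known, pk),
        "tampered_passes_token_check": token_ok(tampered, known),
        "tampered": accept(tampered, known, pk),
        "random_token": accept(random_token, known, pk),
    }

if __name__ == "__main__":
    print(demo())
```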