Re: [dix] Agenda bashing

Eric Rescorla <ekr@networkresonance.com> Thu, 06 July 2006 14:23 UTC

To: Eliot Lear <lear@cisco.com>
Subject: Re: [dix] Agenda bashing
References: <20060703172550.A182A222425@laser.networkresonance.com> <44A973DC.9040801@cisco.com> <86zmfqa0au.fsf@raman.networkresonance.com> <8C86E9E37E4BD3C-1288-2A5B@FWM-D05.sysops.aol.com> <44ACA9CF.7090605@cisco.com> <86fyhej3hg.fsf@raman.networkresonance.com> <44AD1A86.1050300@cisco.com>
From: Eric Rescorla <ekr@networkresonance.com>
Date: Thu, 06 Jul 2006 07:23:19 -0700
In-Reply-To: <44AD1A86.1050300@cisco.com> (Eliot Lear's message of "Thu, 06 Jul 2006 16:13:26 +0200")
Message-ID: <864pxuhkx4.fsf@raman.networkresonance.com>
Cc: Digital Identity Exchange <dix@ietf.org>

Eliot Lear <lear@cisco.com> writes:

> Eric Rescorla wrote:
>> Well, you could clearly use PwdHash this way. In fact, that's how
>> your industry standard challenge-response token works. But it doesn't
>> really help because you don't have HRA against an attacker who
>> controls the victim's computer. So, they don't capture your
>> authentication string but they capture the immediately following
>> session.
>>   
>
> PwdHash as an algorithm doesn't protect you from a host computer
> compromise.  For that you need architectural separation, which is why
> smart cards etc exist. 

Yes, Eliot, I'm really quite familiar with the principle of 
two-factor authentication. My point was that the algorithm
that PwdHash employs is basically the same one that your 
average challenge response token uses. It's purely a matter
of location.


> It remains up to the end server as to what
> transactions might require additional authentication.  So for instance,
> a bank may choose to authenticate on new payees for online billing or
> for particularly large transactions.  Or not.

The problem is that this only sort-of protects you against host
computer compromise because the token that the user authenticates with
generally isn't cryptographically bound to the request the user
is making. This allows the crimeware to claim it's requesting
you to use your token for innocuous purpose X (e.g., routine
security check) but to actually be using it for malicious purpose
Y. So, it's a liveness check, but not a misuse check. See also
[BF99].

-Ekr

[BF99] "Hand-Held Computers Can Be Better Smart Cards." Dirk Balfanz
and Edward Felten. Proceedings of USENIX Security '99. Washington,
DC. August 1999.