[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bellovin's and Ashar's attacks
The attacks we've been talking about for the last few days are unrealistic.
As pointed out by Steve Bellovin, a simple replay is difficult to counter
because the the legitimate user and the attacker can occupy the same end
point at different times. I think the situation is worse that indicated by
Steve. If the attacker has access to a machine behind the firewall, then
that attacker can simply listen to the plaintext traffic as it is sent from
that host to the firewall. There is not reason to mount a complex replay
attach -- just listen. I do not want to add a huge amount of complexity to
protect against an attacker who can read the traffic before it even gets
protected. If we want to protect data from other users of the same host,
then the encryption better be applied before it is tranmitted at all. In
other words, not firewall crypto.
Russ
Follow-Ups: