[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

anonymity against active attackers



Draft 08 (pg 8) still keeps an "old" remark on the mechanism provided
by Photuris to keep anonymity. It should be erased. The remark says:

   The scheme is not foolproof.  By posing as the Responder, an active
   attacker could trick the Initiator into revealing its identity.
   However, this active attack is considerably more difficult than
   passive vacuum-cleaner monitoring.  Unless the attacker can steal the
   private/secret key belonging to the Responder, the Initiator will
   discover the deception when verifying the Identification Exchange.

This does not hold anymore. Since the Identification-Messages are now
ordered and the Responder sends its Identification_Message only after
it received the one from the Inititiator (and after it verified validity),
then the Responder will not reveal its identity to a
fake/unknown/unauthorized, etc initiator.

Definitely a good change!

Hugo