It occurs to me that no one has directly addressed the "Replay Attack."
Perhaps it is outside the scope of spki but then, what do I know?

A contrived example:

You sign a Purchase Order (for delivery of a color TV) with your certified
key, and forward the PO to the supplier, e-mail-wise. The supplier receives
the PO, but the wily hacker (who has gained illicit access to one of the
intervening mailservers) takes this sequence of packets and replays them to
the supplier over a period of several days. Three weeks later, a semi pulls
up to your door and you are asked to accept delivery of 20 color TVs.

Here, the MITM is not attributing their words to you (imposture), or your
words to them (plagiarism) but is attributing your (signed!) words to you,
over and over again.

My first thought was that short-term-certs might address this, but I then
realized that each of the (20) documents was *signed* while the key was
certified (in fact, they were all signed at the same time.) It would seem
that the problem can only be avoided by a more extensive handshake during
such transactions, requiring that you sign a timestamped challenge that the
supplier receives within a limited timeframe. If anyone knows how the
spki framework can address this (or why it doesn't need to, is mitigated
through other mechanisms or assumptions) I would like to hear about it.

Tony Bartoletti
SPI Project Leader
Computer Security Technology Center
Lawrence Livermore National Lab
PO Box 808, L - 303
Livermore, CA 94551-9900
email: firstname.lastname@example.org phone: 510-422-3881
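
The handshake proposed in the message above, as an added example that is not part of the original post: the supplier issues a one-time timestamped challenge, the buyer signs it together with the order, and the supplier honours each challenge once, within a limited window. HMAC-SHA256 under a shared demo key stands in for the certified-key signature so the code runs on the standard library alone; the class and function names, the key and the 300-second window are assumptions.

```python
import hashlib, hmac, json, secrets, time

# Assumption: HMAC under a shared key replaces the buyer's public-key signature.
# Constructed demo key, not a real credential.
BUYER_KEY = b"constructed-demo-key"

def sign(key, challenge, order):
    # The signature binds the order to one specific challenge (nonce + timestamp).
    msg = json.dumps({"challenge": challenge, "order": order}, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

class Supplier:
    def __init__(self, key, window=300):
        self.key, self.window = key, window
        self.pending = {}  # nonce -> time issued; an entry is removed on first use

    def issue_challenge(self, now=None):
        now = time.time() if now is None else now
        challenge = {"nonce": secrets.token_hex(16), "issued": now}
        self.pending[challenge["nonce"]] = now
        return challenge

    def accept(self, challenge, order, signature, now=None):
        now = time.time() if now is None else now
        if not hmac.compare_digest(sign(self.key, challenge, order), signature):
            return "rejected: bad signature"
        # pop() consumes the nonce, so a replayed copy finds nothing to match.
        issued = self.pending.pop(challenge["nonce"], None)
        if issued is None or issued != challenge["issued"]:
            return "rejected: unknown or already used challenge"
        if now - issued > self.window:
            return "rejected: challenge expired"
        return "accepted"

def demo():
    supplier = Supplier(BUYER_KEY)
    order = {"item": "color TV", "qty": 1}  # constructed sample order
    ch = supplier.issue_challenge(now=1000.0)
    sig = sign(BUYER_KEY, ch, order)
    first = supplier.accept(ch, order, sig, now=1010.0)
    replay = supplier.accept(ch, order, sig, now=1020.0)  # same packets, sent again
    ch2 = supplier.issue_challenge(now=2000.0)
    late = supplier.accept(ch2, order, sign(BUYER_KEY, ch2, order), now=2301.0)
    return first, replay, late

if __name__ == "__main__":
    print(demo())
```

The replayed message still carries a valid signature; it is refused only because the supplier keeps state about which challenges are outstanding.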