Re: Hardware potential to duplicate existing host keys... RSA DS

On Mon, 25 Jun 2012 14:59:05 -0700
Doug Barton wrote:

> >> Having a copy of the host key allows you to do one thing and one
> >> thing only: impersonate the server.  It does not allow you to
> >> eavesdrop on an already-established connection.
> > 
> > It enables you to eavesdrop on new connections,
> 
> Can you describe the mechanism used to do this? 

Through a MITM attack if nothing else
> 
> > and  eavesdroppers
> > are often in a position to force reconnection on old ones.
> 
> If you can get on the network link between the client and the host,
> yes, you can force an existing connection to drop. But that doesn't
> require the host's secret key.

I didn't say it did, I was referring to the statement: "It does not
allow you to eavesdrop on an already-established connection."

> >> If the server is set up to require key-based user authentication,
> >> an attacker would also have to obtain the user's key to mount an
> >> effective man-in-the-middle attack.
> > 
> > If an attacker is only interested in a specific client, it may not
> > be any harder to break the second public key, than the first one. 
> 
> Well that's just plain nonsense. The moon "may" be made of green
> cheese.

It depends on the nature of the attack, but the possibility that two
arbitrary keys are of similar strength under a specific attack is not
on a par with the moon being made of cheese.  
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"