Re: Hardware potential to duplicate existing host keys... RSA DS

Board: FB_security, posted 2012/06/26 19:32 (thread post 25 of 26)
RW <rwmaillists@googlemail.com> writes:
> Dag-Erling Smørgrav <des@des.no> writes:
> > [host keys] are used for authentication only.  This is crypto 101.
> It also generates a shared secret for key exchange, which is pretty
> much what I said.

No.  It is used to *sign* the key exchange, in order to authenticate the server.  It is not used to *generate* the key.  You need to read up on Diffie Hellman and the SSH transport layer (RFC 4253).

The only way to intercept the key is a man-in-the-middle attack (negotiate a KEX with the client, sign it with the stolen host key, and negotiate a KEX with the server, pretending to be the client).

> > Having a copy of the host key allows you to do one thing and one thing
> > only: impersonate the server.  It does not allow you to eavesdrop on
> > an already-established connection.
> It enables you to eavesdrop on new connections, and eavesdroppers
> are often in a position to force reconnection on old ones.

No.

DES
-- 
Dag-Erling Smørgrav - des@des.no
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
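
The distinction drawn in the message above (the host key signs the key exchange, the session key comes from ephemeral Diffie-Hellman values), as an added example that is not part of the original post. The toy group, the toy textbook-RSA host key and the simplified exchange hash are assumptions for illustration; RFC 4253 hashes more fields and real deployments use far larger parameters.

```python
import hashlib
import secrets

# Toy parameters (assumptions for illustration, far too small for real use).
P = 2**127 - 1                             # DH modulus (a Mersenne prime)
G = 3                                      # DH generator
RSA_P, RSA_Q = 2**89 - 1, 2**107 - 1       # toy host-key primes
N, E = RSA_P * RSA_Q, 65537                # host public key
D = pow(E, -1, (RSA_P - 1) * (RSA_Q - 1))  # host private key

def exchange_hash(e, f, k):
    """Simplified H; RFC 4253 also hashes version strings and KEXINIT payloads."""
    data = f"{N}|{E}|{e}|{f}|{k}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def host_sign(h):
    # Textbook RSA without padding: demo only. The host key's sole job is here.
    return pow(h, D, N)

def host_verify(h, sig):
    return pow(sig, E, N) == h

def run_kex():
    x = secrets.randbelow(P - 3) + 2       # client ephemeral secret, never sent
    y = secrets.randbelow(P - 3) + 2       # server ephemeral secret, never sent
    e, f = pow(G, x, P), pow(G, y, P)      # public values sent on the wire
    k_server = pow(e, y, P)                # K on the server: no host key involved
    sig = host_sign(exchange_hash(e, f, k_server))
    k_client = pow(f, x, P)                # K on the client
    ok = host_verify(exchange_hash(e, f, k_client), sig)
    return {"e": e, "f": f, "sig": sig, "k_client": k_client,
            "k_server": k_server, "verified": ok}

def passive_view(t):
    """What a wire observer holding a copied host key has: e, f, sig and D.
    Undoing the signature yields only the hash H, not K, x or y."""
    return {"e": t["e"], "f": t["f"], "recovered_H": pow(t["sig"], E, N)}

if __name__ == "__main__":
    t = run_kex()
    print("signature verified:", t["verified"])
    print("both sides share K:", t["k_client"] == t["k_server"])
```

Each run draws fresh ephemeral secrets, so the shared key changes per connection while the host key stays fixed, and a signature from one exchange does not verify against another exchange's hash.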