bergman on 24 Dec 2008 11:57:40 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] https and wireless computing

In the message dated: Wed, 24 Dec 2008 14:24:21 EST,
The pithy ruminations from Gordon Dexter on 
<Re: [PLUG] https and wireless computing> were:
=> No, a man-in-the-middle attack is not possible using HTTPS.  The reason 

It is possible, but there are (as you point out) warnings or other indications 
that something is wrong. Unfortunately, most people don't recognize or 
understand those indications, or ignore the warning.


=> If the common name and the domain name don't match, browsers will 
=> generate a scary-looking warning that there might be something nefarious 
=> going on.  In most cases it's a poorly-configured website, or perhaps 

Right. The problem is that most people simply accept the warning and proceed.

Another problem [3] is that a MITM machine can present data from or redirect to
a phishing site that is skinned to appear to match the real site, rather than
try ing to intercept the SSL traffic itself.

For example, consider this exchange:

[V] = victim
[E] = evil site
[MiTM] = attacker
[B] = bank                    
     [V] --> [MiTM] --> [E]
    		 Victim attempts to connect to
                 MiTM redirects traffic to (no SSL cert

     [V] <-- [MiTM] <-- [E]
    		 Evil sends back phishing site skinned to look like
     [V] --> [MiTM] --> [E]
    		Victim enters login/password information,
		Evil records login info

     [V] <-- [MiTM] <-- [E]
		Evil sends back phishing site skinned to look like failed
		login page from all links on the page point
		to the real page

     [V] --> [MiTM]
		 Victim clicks on "retry". The MiTM (using techniques
		 from stateful firewalls) notes that the Victim has
		 been sent to Evil already now gets out of the middle
		 (sending a refresh to the Victim and then reconfiguring
		 itself to stop intercepting traffic).

     [V] <--> [B]
     		 Normal banking session continues without MiTM

How many people would notice that the first login screen doesn't have an SSL
connection, or that there's an "extra" refresh?

This type of attack becomes much easier if the MiTM is actually the wireless







=> --Gordon
=> edmond rodriguez wrote:
=> > After a PLUG West meeting we were discussing wireless computing.  I had mentioned that I never
=>  worried too much about doing secure https type stuff, even on an open wireless network, as http
=> s: schemes take care of the security.
=> >
=> > Another mentioned that in an extreme perhaps unlikely case (but still possible), a "man in the
=>  middle" could intercept the pass phrase negotiation that goes on at the beginning of a https: s
=> ession, and therefore continue from there using the established connection.
=> >
=> > I have been thinking about this for a while, and though I don't know the minute details of the
=>  process, I understand the the first stage of https negotiation uses private and public keys to 
=> negotiate a password for the next stage (a faster encryption scheme). 
=> >
=> > So how can anything be "intercepted".   The client and the server each have their own private 
=> keys, which the man in the middle will never know.  So how could the man in the middle decrypt t
=> he negotiated passphrases being used without having anyone's private keys?   I have not googled 
=> much about this and only going by some things I learned about two or three ago.
=> >
=> > Of course I am sure the risk of computing on an open wireless network is greater than a secure
=>  and/or wired network.  But is using https on an open wireless network very vulnerable?
=> > ___________________________________________________________________________
=> > Philadelphia Linux Users Group         --
=> > Announcements -
=> > General Discussion  --
=> >   
=> ___________________________________________________________________________
=> Philadelphia Linux Users Group         --
=> Announcements -
=> General Discussion  --

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --