[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: FAS and public Key auth

On Thu May 22 2008, Toshio Kuratomi wrote:

> It seems like this would be open to attack in the special case where the
> user has never logged into 1) The server they think they're connecting
> to 2) The machine the malicious server is actually trying to
> authenticate them against.  In this scenario the client doesn't have
> host keys for either of the remote machines so it's unable to verify
> that the malicious server is lying to it.

This is also not possible with public key authentication, because the server 
needs to create a signature with the host key when the session encryption key 
is generated. In case the attacker forwards the network traffic in this phase 
to the other server, he will not be able to decrypt the authentication phase. 
If he uses its own host key, then the signature used for authentication will 
not be accepted by the other server.


Attachment: signature.asc
Description: This is a digitally signed message part.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]