Man-in-the-Middle in Tunnelled Authentication Protocols
نویسندگان
چکیده
Deploying a new security protocol is expensive. This encourages system designers to look for ways of re-using existing infrastructure. When security protocols and components are re-used, it is critical to re-examine the security of the resulting system as a whole. For example, it has become a common paradigm to run a legacy client authentication protocol within a server-authenticated tunnel. The commonest example of such composition is the use of HTTP authentication inside a TLS tunnel. In this paper, we describe a man-in-the-middle attack on such protocol composition. The vulnerability arises if the legacy client authentication protocol is used both in tunnelled and untunnelled forms. We propose to solve the discovered problem by using a cryptographic binding between the client authentication protocol and the protection protocol.
منابع مشابه
Man-in-the-Middle in Tunnelled Authentication Protocols (Discussion)
Deploying a new security protocol is expensive. This encourages system designers to look for ways of re-using existing infrastructure. When security protocols and components are re-used, it is critical to re-examine the security of the resulting system as a whole. For example, it has become a standard paradigm to run a legacy client authentication protocol within a secure tunnel. The commonest ...
متن کاملMan-in-the-Middle in Tunnelled Authentication
Recently new protocols have been proposed in IETF for protecting remote client authentication protoocols by running them within a secure tunnel. Examples of such protocols are PIC, PEAP and EAP-TTLS. One goal of these new protocols is to enable the migration from legacy client authentication protocols to more secure protocols, e.g., from plain EAP type to, say, PEAP. In these protocols, the sec...
متن کاملA TESLA-based mutual authentication protocol for GSM networks
The widespread use of wireless cellular networks has made security an ever increasing concern. GSM is the most popular wireless cellular standard, but security is an issue. The most critical weakness in the GSM protocol is the use of one-way entity authentication, i.e., only the mobile station is authenticated by the network. This creates many security problems including vulnerability against m...
متن کاملMan-in-the-Middle in Tunneled Authentication Protocols
Recently new protocols have been proposed in the IETF for protecting remote client authentication protocols by running them within a secure tunnel. Examples of such protocols are PIC, PEAP and EAP-TTLS. One goal of these new protocols is to enable the migration from legacy client authentication protocols to more secure protocols, e.g., from plain EAP type to, say, PEAP. In these protocols, the ...
متن کاملProcess algebraic modeling of authentication protocols for analysis of parallel multi-session executions
Many security protocols have the aim of authenticating one agent acting as initiator to another agent acting as responder and vice versa. Sometimes, the authentication fails because of executing several parallel sessions of a protocol, and because an agent may play both the initiator and responder role in parallel sessions. We take advantage of the notion of transition systems to specify authen...
متن کامل