Man-in-the-Middle in Tunnelled Authentication Protocols (Discussion)
نویسنده
چکیده
Deploying a new security protocol is expensive. This encourages system designers to look for ways of re-using existing infrastructure. When security protocols and components are re-used, it is critical to re-examine the security of the resulting system as a whole. For example, it has become a standard paradigm to run a legacy client authentication protocol within a secure tunnel. The commonest example of such composition is the use of HTTP authentication inside a TLS tunnel. In this paper, we describe a man-in-the-middle attack on such protocol composition. The vulnerability arises if the legacy client authentication protocol is used both in tunnelled and untunnelled forms. Even when the client authentication protocol and the tunnel protocol are both secure, composing them in the customary manner results in an insecure system. We propose a solution to this problem by using a cryptographic binding between the client authentication protocol and the tunnel protocol.
منابع مشابه
Man-in-the-Middle in Tunnelled Authentication Protocols
Deploying a new security protocol is expensive. This encourages system designers to look for ways of re-using existing infrastructure. When security protocols and components are re-used, it is critical to re-examine the security of the resulting system as a whole. For example, it has become a common paradigm to run a legacy client authentication protocol within a server-authenticated tunnel. Th...
متن کاملMan-in-the-Middle in Tunnelled Authentication
Recently new protocols have been proposed in IETF for protecting remote client authentication protoocols by running them within a secure tunnel. Examples of such protocols are PIC, PEAP and EAP-TTLS. One goal of these new protocols is to enable the migration from legacy client authentication protocols to more secure protocols, e.g., from plain EAP type to, say, PEAP. In these protocols, the sec...
متن کاملA TESLA-based mutual authentication protocol for GSM networks
The widespread use of wireless cellular networks has made security an ever increasing concern. GSM is the most popular wireless cellular standard, but security is an issue. The most critical weakness in the GSM protocol is the use of one-way entity authentication, i.e., only the mobile station is authenticated by the network. This creates many security problems including vulnerability against m...
متن کاملClassical Security Protocols for QKD Systems
The purpose of this report is to document the three principal classes of classic cryptographic protocols which are needed in systems for quantum key distribution. We will detail the protocols used for secretkey reconciliation by public discussion, privacy ampli cation by public discussion, and unconditionally secure authentication. We suggest the use of the model checking method for the analys...
متن کاملMan-in-the-Middle in Tunneled Authentication Protocols
Recently new protocols have been proposed in the IETF for protecting remote client authentication protocols by running them within a secure tunnel. Examples of such protocols are PIC, PEAP and EAP-TTLS. One goal of these new protocols is to enable the migration from legacy client authentication protocols to more secure protocols, e.g., from plain EAP type to, say, PEAP. In these protocols, the ...
متن کامل