James A. Donald wrote:
-- James A. Donald:
PKI was designed to defeat man in the middle attacks based on network sniffing, or DNS hijacking, which turned out to be less of a threat than expected.
However, the session fixation bugs http://www.acros.si/papers/session_fixation.pdf make https and PKI worthless against such man in the middle attacks. Have these bugs been addressed?
On 20 May 2005 at 23:21, Ben Laurie wrote:
Do they exist? Certainly any session ID I've ever had a hand in has two properties that strongly resist session fixation:
a) If a session ID arrives, it should already exist in the database.
b) Session IDs include HMACs.
The way to beat session fixation is to issue a privileged and impossible to predict session ID in response to a correct login.
If, however, you grant privileges to a session ID on the basis of a successful login, which is in fact the usual practice, you are hosed. The normal programming model creates a session ID, then sets variables and flags associated with that session ID in response to forms submitted by the user. To prevent session fixation, you must create the session ID with unchangeable privileges from the moment of creation.
Why? I suspect you are thinking of an attack other than session fixation. How does your attack work?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
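An added example, not code from either poster or from any project named in the thread: properties (a) and (b) and the two login behaviours discussed above, in Python. `SessionStore`, `SERVER_KEY` and the method names are hypothetical, and the in-memory dict stands in for the session database.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # assumption: a per-deployment secret key


def _tag(raw: str) -> str:
    """HMAC-SHA256 over the random part of the session ID."""
    return hmac.new(SERVER_KEY, raw.encode(), hashlib.sha256).hexdigest()


class SessionStore:
    """Hypothetical in-memory store; a real one would be a database table."""

    def __init__(self):
        self._sessions = {}  # session ID -> {"user": str or None}

    def issue(self, user=None) -> str:
        """Mint an unpredictable ID, bind an HMAC to it, and record it."""
        raw = secrets.token_hex(16)
        sid = f"{raw}.{_tag(raw)}"
        self._sessions[sid] = {"user": user}
        return sid

    def lookup(self, sid: str):
        """Return the session record, or None for forged or unknown IDs."""
        raw, _, tag = sid.partition(".")
        # (b) the ID carries an HMAC, so an ID the server never minted fails here
        if not hmac.compare_digest(tag.encode(), _tag(raw).encode()):
            return None
        # (a) an arriving ID must already exist in the store
        return self._sessions.get(sid)

    def login_elevating(self, sid: str, user: str) -> str:
        """Grant privileges to the ID the client presented (ID unchanged)."""
        self._sessions[sid]["user"] = user
        return sid

    def login_regenerating(self, sid: str, user: str) -> str:
        """Retire the pre-login ID and issue a fresh ID created as privileged."""
        self._sessions.pop(sid, None)
        return self.issue(user=user)
```

With `login_elevating`, an ID that was known before login becomes the privileged ID; with `login_regenerating`, the pre-login ID still carries a valid HMAC but fails the existence check.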