Re: An attack on paypal --> secure UI for browsers
The problem to be solved is this. Spoofed sites can acquire user credentials, especially passwords, and then use those to impersonate the user on the real sites. With paypal and e-gold, this allows stealing real money. Using client certificates to authenticate would solve this, because even if the user got fooled and authenticated to the spoofed site, the attacker wouldn't learn the client cert secret key and so would not be able to masquerade as the user. The problem (among others) is that this allows a virus to steal the client cert. If it is protected by a password, the malware must hang around long enough for the user to unlock the cert (perhaps because the malware sent a spoofed email calling for the user to visit the site, even the real site!). It can then read the user's keystrokes and acquire the password. Now it has the cert and password and can impersonate the user at will. The solution to this is Palladium (NGSCB). You'd want each ecommerce site to download a Nexus Computing Agent into the client. This should be no more difficult than downloading an Active-X control or some other DLL. The NCA has a manifest file associated with it that contains the ecommerce site's signing key. This allows the NCA to be effectively locked to that key. The user's site-specific client certificate would be sealed to this NCA. That means that no other NCA could get access to the client cert for that site, nor could any legacy software. All this is protected by the Palladium hardware and software. If a password is used for further security, to unlock the client cert (in addition to the NCA-specific encryption), it can use a secure channel to the NCA so that no keystroke loggers can steal the password. (However, as mentioned in a previous mail, this may not stop rogue NCA's from fooling the user by pretending to be the ecommerce site's NCA and picking up the password. It's not clear that adding a password really increases security. Fortunately the NCA security itself is already vastly stronger than anything available on a PC today.) In short, if Palladium comes with the ability to download site-specific DLLs that can act as NCAs, it should allow for solving the spoofed-site problem once and for all. When you login to paypal or e-gold, you would authenticate yourself using a cert that only those sites could see. This can be done in the framework of standard SSL, but would require a Palladium-aware browser.
----- Original Message ----- From: "Anonymous" <rebleep@bleep.dynip.com> Subject: Re: An attack on paypal --> secure UI for browsers
In short, if Palladium comes with the ability to download site-specific DLLs that can act as NCAs
Ok what flavor of crack are you smoking? Because I can tell from here that's some strong stuff. Downloading random DLLs that are given complete access to private information is one of the worst concepts that anyone has ever come up with, even if they are signed by a "trusted" source. Just look at the horrifically long list of issues with ActiveX, even with WindowsXP (which hasn't been around that long) you're already looking at more than half a dozen, and IIRC win95 had about 50. This has less to do with "windows is bad" than with "secure programming is hard." Arbitrarily trusting anyone to write a secure program simply doesn't work, especially when it's something sophisticated. Now for the much more fundamental issue of your statement. Palladium will never "download site-specific" anything. Palladium is a hardware technology, not a web browser. I will refrain from saying Paladium is a bad idea, simply because I see some potentially very lucrative (for me) options for it's use. Joe
The solution to this is Palladium (NGSCB).
You'd want each ecommerce site to download a Nexus Computing Agent into the client. This should be no more difficult than downloading an Active-X control or some other DLL. The NCA has a manifest file associated with it
No shit? This is moronic. But then it reflects the impaired cognitive abilities of corpdrones in mintel. I pay for the "computer", and then all these corporations start downloading shit to my "computer" in order to make it safe for me to use it, right ? I am lay person and need to trust these people, as I am clueless about stuff they download. But their web page says it's good. This all happens *after* I buy the computer. So, to recap, I pay several $K for the "computer" and then have to customize it so that it becomes "safe". The computer, as malladium authenticates the computer. Why do I want $3,000 authentication token ? No, mintel making money is not the right answer. Try again. ===== end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __________________________________ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com
The problem (among others) is that this allows a virus to steal the client cert. If it is protected by a password, the malware must hang around long enough for the user to unlock the cert (perhaps because the malware sent a spoofed email calling for the user to visit the site, even the real site!). It can then read the user's keystrokes and acquire the password. Now it has the cert and password and can impersonate the user at will.
The solution to this is Palladium (NGSCB).
BAH! *shudders* All we need for this is an external cryptographic token - a smartcard with a keypad, an USB device, a Bluetooth-enabled thingy. You plug it into the machine, the server you connect to sends its certificate name and challenge to the browser, which passes it unchanged to your token. The token asks you for a PIN, and calculates a response. The browser then transparently relays the response back. There is nothing in the unit that's accessible from the computer, and because of a physically different keypad nothing can be sniffed from the computer. The cost of the unit can get as low as few dollars, can easily interface with just about any OS including PDAs, and doesn't require The Megacorp Whose Name Shouldn't Be Spoken to take over your machine.
On Fri, Jun 13, 2003 at 11:04:42PM +0200, Thomas Shaddack wrote: | > The problem (among others) is that this allows a virus to steal the | > client cert. If it is protected by a password, the malware must hang | > around long enough for the user to unlock the cert (perhaps because the | > malware sent a spoofed email calling for the user to visit the site, | > even the real site!). It can then read the user's keystrokes and acquire | > the password. Now it has the cert and password and can impersonate the | > user at will. | > | > The solution to this is Palladium (NGSCB). | | BAH! *shudders* | | All we need for this is an external cryptographic token - a smartcard with | a keypad, an USB device, a Bluetooth-enabled thingy. You plug it into the | machine, the server you connect to sends its certificate name and | challenge to the browser, which passes it unchanged to your token. The ... | get as low as few dollars, can easily interface with just about any OS | including PDAs, and doesn't require The Megacorp Whose Name Shouldn't Be | Spoken to take over your machine. Actually, most of the features of Nogsuccob are features that I want, like integrity protected, authenticated boot. The problem, bundled with those features, is the ability of the system to attest to its secure boot. This can be fixed by not letting the host know if you've exported its host key or not, which makes it possible to run a virtualized, trusted copy in your emulation environment. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume
participants (5)
-
Adam Shostack -
Anonymous -
Joseph Ashwood -
Morlock Elloi -
Thomas Shaddack