The problem with SSH2

Jim Choate ravage at EINSTEIN.ssz.com
Sun Dec 31 09:55:20 PST 2000



On Sun, 31 Dec 2000, Markus Friedl wrote:

> On Fri, Dec 29, 2000 at 06:30:01PM +0000, Peter Fairbrother wrote:
> > Why not use a communication method that makes MITM attacks impossible to
> > successfully complete? Doesn't that "not expose them to risk at all"?
> 
> as Damien wrote: SSH2 + pk auth 'makes MITM attacks impossible to
> successfully complete'.

'pk auth' is handwaving.

How do you defeat the MITM attack against the key server this approach
requires? You don't, at some point there is a question of nothing but
'trust'. And it isn't testable. This is the fundamental weakness of any
security scheme that requires anything approaching public pk distribution.

The original point that what is needed is a distributed system with no
interest in message content is still valid. Then the parties using the
system can implement the appropriate security for their purposes. Any
central server based system should be avoided. Any system that
pre-dictates the low-level format (ie non-delivery related) should be
avoided like the plague. Any system that requires single source (prefer
Open Source or PD) tools should be avoided like the black plague.

What we really need is a distributed network/process model (ala Plan 9)
that implements content encryption at all levels, though 'next level'
addressing should still be in the clear. Key management at the network
layer should be node-to-node (peer-to-peer) and left to the discretion of
the individual parties. We accept that we need trust in our model and
distribute it to the lowest level as well. This limits any breach of
security without massive amounts of resources, which limits the targets of
such attacks to reasonably readily identifiable, and as a result
protected, lists. Then using a distributed file system we can break the
actual contents up and store them 'holographically' (this probably means
multi-site storage for each little blob of a target file) so small amounts
of sites dropping off are irrelevant to the integrity of the file system.
At that point with some sort of 'anonymous thunking layer' (eg standard
anonymous remailer, posts through Usenet, or anonymous IP proxies) we can
implement a 'data haven' sort of mechanism. This effectively means I can
access my 'home workspace' from anywhere on the Internet anonymously and
transparently (with respect to resource usage).

As an aside, this sort of architecture would also solve a lot of the
wireless issues as well.

    ____________________________________________________________________

           Before a larger group can see the virtue of an idea, a
           smaller group must first understand it.

                                           "Stranger Suns"
                                           George Zebrowski

       The Armadillo Group       ,::////;::-.          James Choate
       Austin, Tx               /:'///// ``::>/|/      ravage at ssz.com
       www.ssz.com            .',  ||||    `/( e\      512-451-7087
                           -====~~mm-'`-```-mm --'-
    --------------------------------------------------------------------
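The trust step Choate is pointing at, modelled as an added example (not part of the thread): a minimal known_hosts-style check in which the first connection is trust-on-first-use and cannot be verified from inside the protocol, while a fingerprint pinned out of band removes that untested step. The host name and key blobs are constructed stand-ins.

```python
import base64
import hashlib
from enum import Enum
from typing import Dict, Optional


class Outcome(Enum):
    """Result of checking a server's presented host key against local state."""
    FIRST_USE = "trust-on-first-use: key recorded, never verified"
    VERIFIED = "matches recorded key"
    MISMATCH = "key differs from recorded key: refuse and investigate"


def fingerprint(pubkey_blob: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint (unpadded base64) of a raw key blob."""
    digest = hashlib.sha256(pubkey_blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


class KnownHosts:
    """Minimal in-memory stand-in for ~/.ssh/known_hosts (constructed for this example)."""

    def __init__(self, pinned: Optional[Dict[str, str]] = None):
        # Entries seeded out of band (e.g. an admin-published fingerprint) are trusted from the start.
        self.entries: Dict[str, str] = dict(pinned or {})

    def check(self, host: str, presented_blob: bytes) -> Outcome:
        fp = fingerprint(presented_blob)
        recorded = self.entries.get(host)
        if recorded is None:
            # Nothing to compare against: the protocol alone cannot tell the client
            # whose key this is. This is the untestable 'trust' step in the thread.
            self.entries[host] = fp
            return Outcome.FIRST_USE
        return Outcome.VERIFIED if recorded == fp else Outcome.MISMATCH


# Constructed sample key material standing in for the raw public-key blobs a server sends.
REAL_SERVER_KEY = b"constructed-real-server-ed25519-blob"
OTHER_KEY = b"constructed-different-blob"


def scenario_tofu():
    """Empty known_hosts: the first key seen is simply recorded; a later change is caught."""
    kh = KnownHosts()
    return (kh.check("example.invalid", REAL_SERVER_KEY),
            kh.check("example.invalid", REAL_SERVER_KEY),
            kh.check("example.invalid", OTHER_KEY))


def scenario_pinned():
    """Fingerprint obtained out of band and pinned beforehand: no first-use step at all."""
    kh = KnownHosts(pinned={"example.invalid": fingerprint(REAL_SERVER_KEY)})
    return (kh.check("example.invalid", REAL_SERVER_KEY),
            kh.check("example.invalid", OTHER_KEY))


if __name__ == "__main__":
    print([o.name for o in scenario_tofu()])    # ['FIRST_USE', 'VERIFIED', 'MISMATCH']
    print([o.name for o in scenario_pinned()])  # ['VERIFIED', 'MISMATCH']
```

The MISMATCH outcome is the detection point a client can act on; the FIRST_USE outcome is the point where only an out-of-band channel (the pinned case) supplies the trust the protocol cannot.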
More information about the cypherpunks-legacy mailing list