An attack on paypal --> secure UI for browsers

Anonymous rebleep at bleep.dynip.com
Tue Jun 10 18:36:10 PDT 2003


The problem to be solved is this.  Spoofed sites can acquire user
credentials, especially passwords, and then use those to impersonate the
user on the real sites.  With paypal and e-gold, this allows stealing
real money.

Using client certificates to authenticate would solve this, because
even if the user got fooled and authenticated to the spoofed site, the
attacker wouldn't learn the client cert secret key and so would not be
able to masquerade as the user.

The problem (among others) is that this allows a virus to steal the
client cert.  If it is protected by a password, the malware must hang
around long enough for the user to unlock the cert (perhaps because the
malware sent a spoofed email calling for the user to visit the site,
even the real site!).  It can then read the user's keystrokes and acquire
the password.  Now it has the cert and password and can impersonate the
user at will.

The solution to this is Palladium (NGSCB).

You'd want each ecommerce site to download a Nexus Computing Agent into
the client.  This should be no more difficult than downloading an Active-X
control or some other DLL.  The NCA has a manifest file associated with it
that contains the ecommerce site's signing key.  This allows the NCA to be
effectively locked to that key.

The user's site-specific client certificate would be sealed to this NCA.
That means that no other NCA could get access to the client cert for
that site, nor could any legacy software.  All this is protected by the
Palladium hardware and software.

If a password is used for further security, to unlock the client cert
(in addition to the NCA-specific encryption), it can use a secure
channel to the NCA so that no keystroke loggers can steal the password.
(However, as mentioned in a previous mail, this may not stop rogue NCA's
from fooling the user by pretending to be the ecommerce site's NCA and
picking up the password.  It's not clear that adding a password really
increases security.  Fortunately the NCA security itself is already
vastly stronger than anything available on a PC today.)

In short, if Palladium comes with the ability to download site-specific
DLLs that can act as NCAs, it should allow for solving the spoofed-site
problem once and for all.  When you login to paypal or e-gold, you would
authenticate yourself using a cert that only those sites could see.
This can be done in the framework of standard SSL, but would require a
Palladium-aware browser.





More information about the cypherpunks-legacy mailing list