On Mon, 14 Oct 2002 12:32:23 EDT, Joe Baptista said:

> You mentioned two security protocols above - well they have proven to be
> vulnerable.
>
> http://search.cert.org/query.html?col=allcert&col=certadv&col=incnotes&col=research&col=secimp&col=techtips&col=trandedu&col=vulnotes&ht=0&qp=&qt=KDC&qs=&qc=&pw=100%25&ws=1&la=en&qm=0&st=1&nh=25&lk=1&rf=2&rq=0&si=1
> http://search.cert.org/query.html?rq=0&ht=0&qp=&qs=&qc=&pw=100%25&ws=1&la=&qm=0&st=1&nh=25&lk=1&rf=2&oq=&rq=0&si=1&col=allcert&col=trandedu&col=vulnotes&col=techtips&col=research&col=certadv&col=incnotes&col=secimp&qt=kerberos

And your point is? The fact that they're vulnerable doesn't prove your thesis. If anything, it proves that they were (a) thought of and (b) designed (since otherwise they'd not exist and therefore wouldn't be vulnerable). Also, it proves that (c) they were generally considered secure enough that it was worth putting out a CERT on it (if they had been TOTAL swiss cheese, it wouldn't matter).

> That's exactly my point. I have yet to see anything that can't be
> compromised.

I am afraid that if you're waiting for "can't be compromised", you are in for a VERY long wait. Serious security professionals know that anything CAN be compromised - the requirement is that it be merely secure enough to deter an attacker.

For instance, a GSA Class 5 cabinet or vault is rated to store classified material, but is *NOT* impervious to attack. It is merely required to stand up to a certain amount of time (10 hours for surreptitious and 15 minutes brute-force, if I remember correctly). The theory is that if you try to be quiet about it, you'll still be trying to crack it when the next shift shows up in the morning, and if you brute-force it, you'll make enough noise that the Marine guard will come and investigate.

> > Depending on the type of traffic that Carnivore is being used to
> > intercept, I doubt that the transition to v6 from v4 will be a
> > concern, absent use of IPsec or S/MIME or SSL/TLS.
>
> I'm not sure what you mean here.

He means that v4 versus v6 won't matter a hill of beans to Carnivore, what will matter to its data gathering is whether IPSec or other suitable crypto is used *on top of* the v4/v6 connection.

> > IPsec does not make IP "less prone to man in the middle interception
> > ..." It makes v4 and v6 immune to such interception. IPv6 will NOT do
>
> IPsec does not make any system immune from man in the middle interception.
> Maybe the transmitted data is immune from your average joe in the middle
> but not from those who can and have the resources to decrypt these
> transmissions. That is after all what intel (intelligence communities) do
> as a standard part of their business. Granted IPsec makes it more costly
> to view the stream - but not impossible. There is no such thing as an
> immune protocol.

OK. I'll grant you that. However, I suggest you look at the amount of resources needed to actually brute-force decrypt an IPSec connection when using the recommended algorithms and key lengths - and then ask yourself whether your threat model includes that scale attack (hint - 3DES isn't twice as hard to break as single-DES, it's 2^56 or 72,057,594,037,927,936 times harder. Now, if the EFF DES-breaker cost $250K, you'll need that many of them - which is well over the US GNP. Which three-letter-agency wants to spend that much on you, and if it's THAT important, why won't they just engage in what Marcus Ranum calls "rubber hose cryptography"?)

Also, you seem to be confused regarding passive sniffing and what everybody else considers a Man In The Middle attack, which is an ACTIVE attack where you simultaneously spoof 2 connections...

I would suggest you read and understand *both* Schneier's "Applied Cryptography" *and* "Secrets and Lies" - they'll probably clarify many things for you.

-- 
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech