Kuro5hin.org: technology and culture, from the trenches
Author of SSH book rebuts SecurityPortal claims

By Miniluv in MLP
Mon Dec 25, 2000 at 02:45:37 PM EST
Tags: Security (all tags)

About a week ago a link was posted to The End of SSL and SSH? on SecurityPortal's website. Two days ago Richard Silverman, co-author of the O'Reilly book SSH, The Secure Shell: The Definitive Guide, posted his rebuttal of some points raised in that article. Good perspective on man in the middle attacks and how they're really not nearly as big a deal as SecurityPortal's story made them out to be.


Poll
Do you ssh?
o Yes, v1 33%
o Yes, v2 36%
o No, it sucks. 1%
o No, but Inoshiro does 28%

Votes: 57
Author of SSH book rebuts SecurityPortal claims | 16 comments (6 topical, 10 editorial, 0 hidden)
ssh still can't solve all our problems... (3.50 / 2) (#5)
by pak21 on Mon Dec 25, 2000 at 05:35:31 AM EST

Good perspective on man in the middle attacks and how they're really not nearly as big a deal as SecurityPortal's story made them out to be

As I see it, what SecurityPortal's story was saying (admittedly in a very sensationalistic way) is that ssh isn't a `magic bullet', which is going to fix all the problems with telnet in one quick command substitution. Users still need to think about what they're doing, and not just hit `Yes' every time they see the prompt saying `Host key is not in database' (I'm as guilty of this as the next man, though...).

However, when all that's said and done, I still don't think the SecurityPortal article was necessarily the best thing to write - ssh is much better than telnet, so we do need to be encouraging the masses to use it, but at the same time, we also need to be educating users about what the (potential) problems with ssh are.
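
[Added example, not part of pak21's comment or of any ssh client's code: the host key decision the comment describes, where an unknown key is never accepted by default and a changed key is refused. The host names, key blobs and the `verified_fp` parameter are constructed for illustration.]

```python
import base64
import hashlib

# Constructed sample data: these are not real host keys.
KEY_A = base64.b64encode(b"constructed-host-key-A").decode()
KEY_B = base64.b64encode(b"constructed-host-key-B").decode()
KNOWN_HOSTS = f"# constructed file\nshell.example.org,192.0.2.10 ssh-ed25519 {KEY_A}\n"


def fingerprint(key_b64):
    """OpenSSH-style SHA-256 fingerprint of a base64-encoded public key blob."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def load_known_hosts(text):
    """Parse plain 'host[,host] keytype key' lines; hashed/marker lines are skipped."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0][0] in "#@|":
            continue
        for host in fields[0].split(","):
            table[(host, fields[1])] = fields[2]
    return table


def decide(table, host, keytype, presented, verified_fp=None):
    """Return 'accept' or 'reject' for the key the server presented.

    verified_fp is a fingerprint obtained out of band (hypothetical parameter).
    """
    stored = table.get((host, keytype))
    if stored is not None:
        # Known host: a different key is the signal a man in the middle produces.
        return "accept" if stored == presented else "reject"
    # Unknown host: never default to yes; require an independently obtained fingerprint.
    if verified_fp is not None and verified_fp == fingerprint(presented):
        table[(host, keytype)] = presented  # pin the key for later connections
        return "accept"
    return "reject"
```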



Keys (1.50 / 2) (#6)
by DeadBaby on Mon Dec 25, 2000 at 10:45:46 AM EST

That's why I think it's time we embrace some type of portable data storage for our keys. Smart cards or whatever. No need to even send keys over the internet.
"Our planet is a lonely speck in the great enveloping cosmic dark. In our obscurity -- in all this vastness -- there is no hint that help will come from elsewhere to save us from ourselves. It is up to us." - Carl Sagan
[ Parent ]
How do you figure? (4.00 / 2) (#12)
by Miniluv on Mon Dec 25, 2000 at 03:40:14 PM EST

How do smart cards replace the need to send keys over the internet? Do you actually grasp the concept of public key infrastructure? PKI is built so you not only can but must send your public keys across insecure networks.

Attempting to remove key exchange across public networks brings us back to the state of crypto in the late 1960's before Diffie and Hellman invented the concept of PKI in a non-classified manner.

Smart cards are a key storage and portability solution, not a key exchange solution. Smart cards obviate people of the necessity of sending private keys through email when they need them in new locations, or of maintaining large authorization files with all of the various private keys which authenticate them. This is a good thing, and will aid in the construction of more comprehensive VPN solutions using things like SSH and SSL, but it is not really a "solution" to a non-existent problem with SSH.

"Its like someone opened my mouth and stuck a fistful of herbs in it." - Tamio Kageyama, Iron Chef 'Battle Eggplant'
[ Parent ]

Smart cards can do more than that. (4.00 / 2) (#15)
by Paul Crowley on Mon Dec 25, 2000 at 08:19:37 PM EST

There are more uses for smart cards than just portable storage devices, because of trust and tamper resistance. Some of this isn't implemented yet but work is ongoing. They can be used to store authentication keys in secure storage, so you can make sure the remote end isn't being spoofed. They can also store high-entropy secrets for you which you can use in combination with a passphrase to identify yourself, designed so that an attacker has to capture the secret on the smart card in order even to try a dictionary attack. I agree that they should be used in combination with PK technology, not as a replacement, but they can do a lot of work in that regard.
--
Paul Crowley aka ciphergoth. Crypto and sex politics. Diary.
[ Parent ]
And it goes on... (4.00 / 1) (#13)
by pak21 on Mon Dec 25, 2000 at 05:59:12 PM EST

Kurt Seifried (who wrote the original article) is now back with his response to the response. A couple of valid points in here, more implementation issues than fundamental problems with the protocols themselves, but it does start you thinking about where the weak points for protecting your data are now (at least once they're on the computer).



"Security is a process, not a product" (5.00 / 1) (#14)
by Paul Crowley on Mon Dec 25, 2000 at 08:02:06 PM EST

This is a repeat of a response I made on Slashdot; do not adjust your set. I'm just running around trying to counter some of the misconceptions that this series of articles might create...

I'm sorry, but for the main part it seems like interpreting Bruce Schneier's motto "Security is a process, not a product" to mean that therefore all products are insecure and we should panic. It's hardly news that these products don't drop into place and create perfect security. No measure is perfect; what's wonderful is that when you use these measures, it gives an attacker headaches like greater expense and difficulty and a better chance of being caught, and that's what computer security is really all about.

Now I think there's a lot to be said for articles that detail the ways someone might try and mount attacks that circumvent the protection offered by these measures, so that you know how to gain the most protection from them, but presenting it in the form of alarmism about sensible security precautions is irresponsible.

Also, there's at least one important error in this article: Unlike SRP, B-SPEKE et al, Kerberos is not a ZKP password protocol. The Kerberos password protocol, IIRC, is a "weak" password protocol that allows offline dictionary attacks where no extra authentication information exists at the client end. Seifried interviewed the creator of SRP last year (sorry, can't find URL just now), but I'm not sure he "gets it" about why SRP and friends are so great.
--
Paul Crowley aka ciphergoth. Crypto and sex politics. Diary.
[ Parent ]
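
[Added example, not part of either comment: a simplified model of the point made in #14 (a passphrase-only value can be tested offline against a wordlist) and in #15 (mixing in a high-entropy secret held on a smart card means guesses cannot even be tested without the card). This is not Kerberos, SRP or any real card protocol; the function names, wordlist, salt and iteration count are assumptions.]

```python
import hashlib
import hmac
import secrets

ITERATIONS = 1000  # assumption: kept low so the demo runs quickly
WORDLIST = ["letmein", "hunter2", "correct horse", "password"]  # constructed


def weak_verifier(passphrase, public_salt):
    """Passphrase-only scheme: everything except the passphrase is public."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), public_salt, ITERATIONS)


def card_verifier(passphrase, card_secret):
    """Passphrase keyed with a high-entropy secret that stays on the card."""
    prk = hmac.new(card_secret, passphrase.encode(), hashlib.sha256).digest()
    return hashlib.pbkdf2_hmac("sha256", prk, b"k5-demo", ITERATIONS)


def offline_guess(target, derive, wordlist):
    """Return the wordlist entry whose derived value equals target, else None."""
    for guess in wordlist:
        if hmac.compare_digest(derive(guess), target):
            return guess
    return None


def demo():
    salt = b"public-salt"                   # visible to any observer
    card_secret = secrets.token_bytes(32)   # 256 bits, never leaves the card
    weak = weak_verifier("hunter2", salt)
    strong = card_verifier("hunter2", card_secret)

    # Weak scheme: the observed value alone is enough to test guesses.
    weak_result = offline_guess(weak, lambda g: weak_verifier(g, salt), WORDLIST)
    # Card scheme without the card: a guessed secret is wrong, so every test fails.
    wrong = secrets.token_bytes(32)
    no_card = offline_guess(strong, lambda g: card_verifier(g, wrong), WORDLIST)
    # Card scheme after the card secret is captured: guessing works again.
    with_card = offline_guess(strong, lambda g: card_verifier(g, card_secret), WORDLIST)
    return weak_result, no_card, with_card
```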
