On Fri, Aug 24, 2001 at 05:28:43PM +0100, Andrew Cooke wrote:
> What I should have asked is how to detect a *substitute* request.  It will 
> be self-consistent, but will not match the correct private key.
> 
> One solution is to show that the certificate and private key are consistent 
> after signing, but there does not seem to be a way of doing this using openssl.
> 
> For example, Alice generates a request, sending it to Bob.  Mallory 
> intercepts the message and substitutes a different request.  Bob signs 
> Mallory's request and returns it to Alice.  Alice thinks she has a 
> certificate that matches her key and distributes it.  Mallory then sends 
> data in Alice's name and people verify it against what is apparently 
> Alice's certificate.

This is an organizational issue in the first place. The CA (you name it Bob)
must make sure that it only signs the correct request. Your security
concept is void, if you allow Bob to sign the request without checking
it to be authentic.
In our university the scenario is as follows. Alice creates the request,
then creates a fingerprint (e.g. MD5) of the request. She then sends the
request to the CA (Bob) by whatever means: email, floppy. To actually
have the CA sign the request, the fingerprint must reach the CA by
an independent way. This normally means Alice will walk to the CA (Bob)
and hand him a paper with her data, the MD5 and her handwritten signature.
Bob will then check her id card, passport or whatever reliable identification
proof and later will sign the request and return it to Alice (e.g. by
email).

Again: you are describing the classic man-in-the-middle attack and the
only way to prevent it is to pass some authentication data on a trusted
channel (in our case the paperwork). It's an organizational problem
more than a technical one.

Best regards,
        Lutz
-- 
Lutz Jaenicke                             [EMAIL PROTECTED]
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
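
The fingerprint check described in the message above, sketched as an added example (not part of the original post and not OpenSSL code): Alice fingerprints her request, the CA recomputes the fingerprint over the request that actually arrived and compares it with the one handed over on paper. It assumes SHA-256 in place of the MD5 the message gives as an example; all function names are hypothetical and the two sample requests are constructed placeholder bytes, not valid PKCS#10 requests.

```python
import base64
import hashlib
import hmac
import re

PEM_RE = re.compile(
    r"-----BEGIN (?:NEW )?CERTIFICATE REQUEST-----(.+?)"
    r"-----END (?:NEW )?CERTIFICATE REQUEST-----",
    re.S,
)

def csr_der(pem_text):
    # Hash the DER bytes, not the PEM text, so that re-wrapping or CRLF
    # conversion by a mail client does not change the fingerprint.
    m = PEM_RE.search(pem_text)
    if m is None:
        raise ValueError("no PEM certificate request found")
    return base64.b64decode("".join(m.group(1).split()), validate=True)

def fingerprint(pem_text):
    return hashlib.sha256(csr_der(pem_text)).hexdigest()

def printable(fp):
    # Grouped upper-case form for the sheet Alice hands to the CA.
    return ":".join(fp[i:i + 4] for i in range(0, len(fp), 4)).upper()

def normalize(typed):
    # Accept what the CA operator types from paper: any case, colons, spaces.
    fp = re.sub(r"[\s:.-]", "", typed).lower()
    if not re.fullmatch(r"[0-9a-f]{64}", fp):
        raise ValueError("fingerprint must be 64 hex digits")
    return fp

def ca_accepts(received_pem, paper_fingerprint):
    # Sign only if the request that arrived by e-mail or floppy matches
    # the fingerprint that arrived over the independent channel.
    return hmac.compare_digest(fingerprint(received_pem),
                               normalize(paper_fingerprint))

def make_pem(payload):
    # Constructed sample input: wraps arbitrary bytes in CSR-style PEM armor.
    b64 = base64.b64encode(payload).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return ("-----BEGIN CERTIFICATE REQUEST-----\n" + body +
            "\n-----END CERTIFICATE REQUEST-----\n")

ALICE_CSR = make_pem(b"constructed placeholder for Alice's request " * 3)
MALLORY_CSR = make_pem(b"constructed placeholder for Mallory's request " * 3)
```

A substituted request fails `ca_accepts` because Mallory cannot change the fingerprint on the paper Alice delivered in person.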
