* David Schwartz wrote on Tue, Sep 25, 2007 at 14:47 -0700:
 [...] 
> > I'm not sure if I understand "...including these...". If, for
> > instance, each side (and only them) share a secret 3DES key and
> > use it for some challenge-response-authentication inside an SSL
> > tunnel then I would assume that this is secure because it would
> > be secure without the SSL and thus should be with it.
> 
> No, because a MITM could interpose his own SSL connection to
> both sides, proxy the challenge-response authentication and
> then view or modify the plaintext. 

(Ahh, ok, yes, in case the challenge-response itself wouldn't
 generate a session key, right. I assumed the involved secret
 3DES key is not known to the MITM and the session key is derived
 also using it.)

> If you don't verify the name in the certificate, SSL provides
> everything you need *except* MITM detection. So you just need
> to add that. Once you verify that the two programs that are
> going to exchange secure data have opposite ends of the *same*
> SSL connection, SSL does everything you need.

Yes, I see, but why encrypt at all if you don't know who can
decrypt it? Some authentication must be added (in whatever
way) if encryption is required (data must be kept secret), right?

> > So your point is that some property from the original
> > certificate (let's say some hash or so) could be included in
> > the extra authentication to detect a MITM (or whatever faked)
> > certificate?  In that case, SSL would be used basically for
> > encryption only, right?
>
> Exactly.

Ahh, ok. I assumed SSL and TLS would specify how to authenticate
and how to derive keys (to be interoperable), but also Victor
explained to me that there are more flexible possibilities such as
defining new cipher suites (before, I assumed the standard would
require a lowest common denominator such as
TLS_RSA_WITH_3DES_EDE_CBC_SHA and so on to get all
implementations interoperable).

> > Are such schemes used in practice? Or is it more a theoretical
> > idea showing what would be possible?
> 
> Yes, they are.

Interesting. I assume they are not interoperable with `ordinary'
SSL implementations, that is correct, isn't it? So SSL or TLS
simply has a wider scope than I assumed before :)

Thank you for explaining that (hoping I got it right :)).

oki,

Steffen
 
About Ingenico Throughout the world businesses rely on Ingenico for secure and 
expedient electronic transaction acceptance. Ingenico products leverage proven 
technology, established standards and unparalleled ergonomics to provide 
optimal reliability, versatility and usability. This comprehensive range of 
products is complemented by a global array of services and partnerships, 
enabling businesses in a number of vertical sectors to accept transactions 
anywhere their business takes them.
www.ingenico.com This message may contain confidential and/or privileged 
information. If you are not the addressee or authorized to receive this for the 
addressee, you must not use, copy, disclose or take any action based on this 
message or any information herein. If you have received this message in error, 
please advise the sender immediately by reply e-mail and delete this message. 
Thank you for your cooperation.
 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
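
The scheme discussed in this message, sketched as an added example (not code from the thread or from OpenSSL): a challenge-response whose response also covers a hash of the certificate seen on the connection, so the server rejects an exchange that was relayed over a different SSL connection. HMAC-SHA256 stands in for the shared 3DES key, and the certificate bytes, function names and the `run` helper are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed stand-ins for DER-encoded certificates (not real certificates).
SERVER_CERT = b"constructed-der-bytes: genuine server certificate"
MITM_CERT = b"constructed-der-bytes: certificate presented by an interposer"


def cert_fingerprint(cert_der: bytes) -> bytes:
    """SHA-256 over the certificate presented on this connection."""
    return hashlib.sha256(cert_der).digest()


def respond(key: bytes, challenge: bytes, seen_cert: bytes, bind: bool = True) -> bytes:
    """Client side: answer the challenge, optionally bound to the cert it saw."""
    msg = challenge + (cert_fingerprint(seen_cert) if bind else b"")
    return hmac.new(key, msg, hashlib.sha256).digest()


def verify(key: bytes, challenge: bytes, response: bytes,
           own_cert: bytes, bind: bool = True) -> bool:
    """Server side: recompute using the certificate it actually sent."""
    msg = challenge + (cert_fingerprint(own_cert) if bind else b"")
    expected = hmac.new(key, msg, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)


def run(client_sees: bytes, bind: bool) -> bool:
    """One authentication round; returns whether the server accepts."""
    key = os.urandom(32)        # pre-shared secret, unknown to any interposer
    challenge = os.urandom(16)  # fixed-length server nonce, relayed unchanged
    response = respond(key, challenge, client_sees, bind)
    return verify(key, challenge, response, SERVER_CERT, bind)


if __name__ == "__main__":
    print("direct connection, bound:  ", run(SERVER_CERT, bind=True))
    print("relayed, no binding:       ", run(MITM_CERT, bind=False))
    print("relayed, bound to the cert:", run(MITM_CERT, bind=True))
```

The unbound round is accepted even though the client saw a different certificate, which is the case David describes; with the fingerprint included, the same relayed round is rejected.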
