2009/5/18 Nikos Balkanas <nbalka...@gmail.com>:
> It would require a lot of effort, but a transparent proxy, can rewrite IP
> source headers, sequence numbers, ACKs and if it has followed all algos and
> key exchanges, even regenerate those. HMAC is nothing more than a glorified
> CRC encoded with some secret exchanged at the start. If anyone captures that
> secret can regenerate all MACs.

Among other things, the Diffie-Hellman key exchange protocol makes it computationally infeasible for an observer to "follow" the key exchanges. The only way that anyone can 'follow' the key exchange even under non-DH exchanges is to have a copy of the private key(s) used -- in the case of RSA exchanges, the alternative would be to be able to factor very large primes very quickly; in the case of Diffie-Hellman/DSA exchanges, the alternative would be to be able to perform discrete logarithms in a Galois field. Both of which are described as "hard problems". It's not known whether they qualify as NP-complete, but they definitely qualify as NP-hard (NP meaning 'nonpolynomial time', or 'the amount of time required to do it is logarithmic with how much information needs to be processed', which is why larger key sizes are typically better).

> Transparent proxies and gateways are always a concern in security,

Such as your home NAT router. Such as your business's router. Such as the routers between you and the server you're talking to on the Internet.

It doesn't take a lot of work to do a 'transparent proxy'. It would take a lot more work to forge a TLS session than it takes to forge a TCP session.

The only way that has been discovered for a successful "man in the middle" attack to occur is for a TLS session to be established with the (no-longer transparent) proxy, and then the proxy establishing another TLS session with the intended endpoint. This attack is mitigated by the certificate authentication mechanism, which uses information that the proxy-endpoint doesn't have (the private key that goes to the certificate presented by the server and possibly the client).

-Kyle H
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
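
Added example (not part of the original message, and not OpenSSL code): a toy model of the two-session proxy described above, showing that a client which checks a signature over the server's Diffie-Hellman value rejects the proxy's substituted value. The parameters are constructed and far too small for real use, textbook RSA stands in for the certificate key, and all function names are hypothetical.

```python
import hashlib
import secrets

# Toy parameters constructed for this demo; far too small for real use.
P, G = 2**127 - 1, 3                    # DH modulus (a Mersenne prime) and base
E = 65537                               # server's public RSA exponent
_p, _q = 2**61 - 1, 2**89 - 1           # server's secret RSA primes
N = _p * _q                             # public modulus, as carried in a certificate
D = pow(E, -1, (_p - 1) * (_q - 1))     # private exponent; the proxy never has this

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def digest(dh_pub):
    h = hashlib.sha256(str(dh_pub).encode()).digest()
    return int.from_bytes(h, "big") % N

def sign(dh_pub, d):
    return pow(digest(dh_pub), d, N)    # textbook RSA, no padding (demo only)

def verify(dh_pub, sig):
    return pow(sig, E, N) == digest(dh_pub)

def handshake(proxy_in_path, client_verifies):
    """Return (client_accepts, proxy_shares_client_key)."""
    c_priv, c_pub = dh_keypair()
    s_priv, s_pub = dh_keypair()
    s_sig = sign(s_pub, D)              # server signs its own DH value
    offered_pub, offered_sig = s_pub, s_sig
    m_priv = None
    if proxy_in_path:
        # Proxy terminates the session with its own DH value. Without D it
        # cannot sign that value, so it can only pass along the server's signature.
        m_priv, offered_pub = dh_keypair()
    if client_verifies and not verify(offered_pub, offered_sig):
        return False, False             # client aborts the handshake
    client_key = pow(offered_pub, c_priv, P)
    proxy_key = pow(c_pub, m_priv, P) if proxy_in_path else None
    return True, proxy_key == client_key

if __name__ == "__main__":
    for proxy, check in [(False, True), (True, False), (True, True)]:
        print(f"proxy={proxy} verify={check} ->", handshake(proxy, check))
```
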