On Wed, 30 Apr 2014, Edward Ned Harvey (lopser) wrote:
From: David Lang [mailto:da...@lang.hm]
This is where I disagree. With heartbleed, any single site could be
compromised
just as easily, the only difference is that the password they got would not get
them into any other site.
You are still missing the point. Suppose you're a server that I login to.
Suppose you are compromised by heartbleed. Since the most I ever sent you was
my public key, there is absolutely no information compromised that would allow
the attacker to impersonate me *anywhere* including the compromised server.
You said "the password they got would not get them into any other site." The
things that are wrong with this statement are: 1: They didn't get any
password and 2: What they did get (a public key) is insufficient to get them
in even at the compromised site. And definitely not anywhere else.
So this requires that every website change their authentication to use CBcrypt?
and that you generate a unique public key pair for each site (otherwise your
secret key could be used to get you into multiple sites)
or you use some sort of PKI/CA mechanism for the public keys, at which point you
are vulnerable to any of the CAs being used to generate fake keys to impersonate
you.
David Lang
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
