[cryptography] ssl/tls splicing attack

James A. Donald jamesd at echeque.com
Tue Mar 16 20:01:54 EDT 2010

On 3/17/2010 1:43 AM, Adam Back wrote:
 > It seems to me from my sampling of banks with this script that they
 > mostly have not patched since the splicing flaw was publicly
 > disclosed last November.
 > To me that seems negligent - the splicing attack is very serious

It is not apparent to me that it is serious compared to our existing
problems..  It is a narrow attack on a protocol that is already
vulnerable to broad attacks.  If an evildoer inserts himself in the
middle, then rather than doing the splicing attack, he will be better
off just putting up counterfeit of the bank's websites, and expecting
the end users to click through the incomprehensible warning dialogs.

The big flaws in deployed cryptography are that:

  1.  HTTPS merely binds cryptographic keys to globally unique true
     names, and globally unique true names are as unmemorable as
     the raw cryptographic keys themselves, for example

2.  WEP is completely broken.

3.  WPA is subject to offline dictionary attack.

In short, none of the three major protocols actually work, all of them
need complete architectural redesign and full replacement.

More information about the cryptography mailing list