[cryptography] PKI "fixes" that don't fix PKI (part III)
smb at cs.columbia.edu
Sat Sep 10 17:50:52 EDT 2011
On Sep 10, 2011, at 4:14 00PM, John Levine wrote:
>> This makes no sense whatsoever. Credit card numbers are *universally*
>> encrypted; of course there's no interception of them.
> There's a fair amount of low-level ecommerce by e-mail. They don't
> seem to be intercepted there, either.
>> In 1993, there was interception of passwords on the Internet.
> This strikes me as another example of "make your password totally
> obscure and change it every week", advice that was specific to a long
> ago environment that's been passed along as received wisdom.
> In the early 1990s there was still a fair amount of coax Ethernet, and
> twisted pair was usually connected to hubs rather than switches, so it
> was easy for a bad guy on your network or intermediate networks to
> snoop on the traffic. These days, the only shared media are hotel and
> coffee shop wifi.
> While we've certainly seen evidence that bad guys snoop on open wifi,
> it's not my impression that they're particularly looking for credit
> cards, more often passwords to accounts they can steal. The price of
> stolen credit cards in the underground economy is very low, so there's
> no point. The chokepoint to using stolen cards isn't getting the card
> numbers, it's to find cashers or money mules.
> So while I agree that it's a good idea in general to encrypt your
> traffic, I don't see any evidence that card numbers are at particular
You're missing my point. Let's take the definition of "threat" from the
National Academies study "Trust in Cyberspace": an adversary that is
motivated and capable of exploiting a vulnerability. There are three
keywords, "motivated", "capable", and "vulnerability". In 1993, the
adversaries demonstrated that they had the capability to intercept
traffic. While we certainly don't use coax Ethernet today, we do use
unencrypted or poorly encrypted wireless, quite regularly. The
link-layer vulnerability thus persists. The issue, then, is one of
motivation -- given the current market price for stolen credit card
numbers, are they motivated to try to steal them? That answer in turn
depends on the return per unit of effort expended. It is precisely
because of SSL that the actual vulnerability rate is very low, which in
turn removes the incentive.
Thought experiment: suppose that SSL or other generally-effective
encryption did not exist. What is the likelihood that today's generic
malware would contain a credit-card sniffing module as well as keystroke
loggers, account/password stealers, etc? I suspect that the odds are
very high -- it's easy code to write, it's just another payload that
they've demonstrated they have the capability to build, and -- absent
SSL or equivalent -- it would likely be productive enough.
--Steve Bellovin, https://www.cs.columbia.edu/~smb
More information about the cryptography