[cryptography] trustwave admits issuing corporate mitm certs

Marsh Ray marsh at extendedsubset.com
Tue Feb 28 11:42:20 EST 2012

On 02/28/2012 07:34 AM, The Fungi wrote:
> "Your login was successful, but due to recent security concerns we
> also require a one-time verification of your personal information.
> Please now enter the following...

Yes, but all of this falls in the category of "user authenticates the

> So sure, maybe not socially engineered out of his online banking
> credentials,

Well that counts as progress, right? :-)

Another thing it does is allow the website security architecture to 
eliminate a Trustwave-style MitM on connections to their actual servers.

Recall that I said 2/26/2012:
> The only point here is that banking and other web sites aren't using
> every tool in the box of supported and available cryptographic
> protocols.

It's a pretty weak claim.

On 02/28/2012 07:34 AM, The Fungi wrote:
> just possibly everything else the attacker might want in lieu of
> access to the banking portal itself. Mutual authentication could
> thwart this if implemented well in a way which was very visible to
> the user, but also might not if implemented poorly (and it's not like
> banks are leading the way in well-thought-out authentication
> technologies, after all).

Think about an anti-phishing technology like Passmark/Sitekey. Once the 
user gives their username, the site shows the user's "personal image" 
(e.g. a rubber duck, a boat, a car, whatever). The idea is that a simple 
phishing site won't know the user's personal image and the user is given 
an opportunity to notice that something is amiss. If the user is alert 
this will deter simple phishing. (This is a big 'if' of course, and 
there are some discouraging user studies on it, but let's assume for now 
it works.)

But the phishing site can relay the username to the actual bank and then 
show the image to the user. Heck, the phishing site could be mostly just 
a proxy to the legit site. So, at best, this system in its current form 
converts an offline attack to an online attack.

However, the online phishing attack may be more difficult for other 
reasons. The legitimate site now gets to see a source IP and other 
parameters of the attacker's connection. This metadata can feed logging, 
alerting, and other fraud detection systems.

By forcing the phishing attack to involve the legitimate site, it does 
one other thing: it puts the site in a position to require strong mutual 
authentication. TLS client certs could thus reliably defeat the active 
variant of phishing a Passmark/Sitekey-like system.

> Also working against this is that it's more expensive for banks to
> step up authentication past the level which government regulators
> consider to no longer be grossly negligent. Beyond there it's likely
> cheaper in the long run for banks to refund disputed transactions and
> replace compromised accounts (or wait for victims to get frustrated
> and give up/leave in disgust).

I think that was certainly true just a few years ago. But today I see a 
sincere and growing interest by financial institutions in improving real 
security for their online users.

- Marsh

More information about the cryptography mailing list