Key Exchange Without Entity Authentication
From Guidance Share
Revision as of 02:13, 30 October 2006; Admin (Talk | contribs)
(diff) ←Older revision | Current revision | Newer revision→ (diff)
(diff) ←Older revision | Current revision | Newer revision→ (diff)
Contents |
[edit]
Description
Performing a key exchange without verifying the identity of the entity being communicated with will preserve the integrity of the information sent between the two entities but it will not guarantee the identity of the other entity.
[edit]
Applies To
- Languages: Any language which does not provide a framework for key exchange.
- Operating platforms: All
[edit]
Example
Many systems have used Diffie-Hellman key exchange without authenticating the entities exchanging keys, leading to man-in-the-middle attacks. Many people using SSL/TLS skip the authentication (often unknowingly).
[edit]
Impact
- Authentication: No authentication takes place in this process, bypassing an assumed protection of encryption
- Confidentiality: The encrypted communication between a user and a trusted host may be subject to a “man-in-the-middle” sniffing attack
[edit]
Vulnerabilities
- Failure to ensure the identity of an entity with which you are exchanging keys.
[edit]
Countermeasures
- Design: Ensure that proper authentication is included in the system design.
- Implementation: Understand and properly implement all checks necessary to ensure the identity of entities involved in encrypted communications.
[edit]
Vulnerability Patterns
[edit]