Re: Need some education: Man-in-the-Middle Attacks

Hi,

That is why CAs (certification authorities) exists ! ! they are
trusted third parties !
They mantain a database with the public keys of the entities they are
confident of.
The CA isues certificates signed by itself granting identities !

Cheers
Christian

2006/8/30, Mark Senior <senatorfrog@gmail.com>:
> On 8/29/06, Christ, Bryan wrote:
> > All,
> >
> > Please pardon my naivete.
> >
> > I was looking at the diagram on the URL listed below and contemplating
> > how host fingerprinting prevents MITM attacks.
> >
> > http://www.vandyke.com/solutions/ssh_overview/ssh_overview_threats.html
> >
> > So my question is this... Given the illustration in the URL above, what
> > prevents Eve from *first* contacting Alice to obtain a fingerprint which
> > then gets passed to Bob on the first connection attempt?
> >
>
> The server passes the client its public key; the client generates a
> fingerprint of this public key, and verifies that it matches a known
> one from previous connections.
>
> Eve can pass Alice's public key to Bob, but she doesn't possess
> Alice's private key, so she has no way to interfere further with the
> communications (beyond tampering at a network level - introducing
> delay, dropping the connection, etc.)
>
> Only if Eve gets in the way of the very first connection attempt, can
> she pass her own public key off as Alice's, without Bob detecting it.
> On the first connection, he'd have to either trust what he sees, or
> verify the fingerprint offline somehow.  On subsequent connections,
> the mismatch would be obvious.