man-in-the-middle at ssl handshake

Networking/Security Forums -> Exploits // System Weaknesses

Author: h2g PostPosted: Sun Dec 06, 2009 12:18 am    Post subject: man-in-the-middle at ssl handshake

I have difficulties to understand why the signed certificate in SSL-authentication should make it difficult to do a man-in-the-middle-attack.

If I were the attacker, this is what I would do:
I would pretend to the server (eg. an online bank) to be the client. And I would pretend to the client (eg. customer of the bank) that I'm the server. I would just forward the certificate that was originally sent by the server to the client. This certificate is certainly signed, I would not change anything at that signature. So the client would not be able to recognize that the certificate is actually not sent by the server, but forwarded by me - the attacker. Thus, the client would believe that I am the server.

What am I misunderstanding?


Author: capiLocation: Portugal PostPosted: Sun Dec 06, 2009 3:02 pm    Post subject:
Hi Henning,

The point is that the public key used by the client to encrypt the data is contained in the server certificate. If you forward the server's certificate to the client, you will be unable to decrypt the client's traffic later -- unless you can somehow crack the public key, in which case the whole encryption thing is moot anyway.

If you alter the server's certificate to include your own public key, then the CA signature on the certificate won't match, and the client's browser will flag the certificate as invalid.

Networking/Security Forums -> Exploits // System Weaknesses

output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group