Posted: Sun Dec 06, 2009 12:18 am Post subject: man-in-the-middle at ssl handshake
I have difficulty understanding why the signed certificate in SSL authentication should make it difficult to do a man-in-the-middle attack.
If I were the attacker, this is what I would do:
I would pretend to the server (e.g. an online bank) to be the client. And I would pretend to the client (e.g. a customer of the bank) that I'm the server. I would just forward the certificate that was originally sent by the server to the client. This certificate is certainly signed, and I would not change anything in that signature. So the client would not be able to recognize that the certificate was actually not sent by the server, but forwarded by me - the attacker. Thus, the client would believe that I am the server.
Joined: 21 Sep 2003 Posts: 16777097 Location: Portugal
Posted: Sun Dec 06, 2009 3:02 pm Post subject:
The point is that the public key used by the client to encrypt the data is contained in the server certificate. If you forward the server's certificate to the client, you will be unable to decrypt the client's traffic later -- unless you can somehow crack the public key, in which case the whole encryption thing is moot anyway.
If you alter the server's certificate to include your own public key, then the CA signature on the certificate won't match, and the client's browser will flag the certificate as invalid.
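The two cases from the answer above, worked through as an added example (not code from either poster): a certificate relayed unchanged still binds the session secret to the server's key, and a certificate with a swapped key fails the CA signature check. It uses toy textbook RSA without padding; the key sizes, the name `bank.example`, the secret and the certificate layout are constructed assumptions.

```python
import hashlib

E = 65537  # common RSA public exponent

def keypair(p, q):
    """Toy textbook RSA from two primes: returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def cert_digest(subject, n, ca_n):
    """Hash of the signed fields (subject + public key), reduced mod the CA modulus."""
    h = hashlib.sha256(f"{subject}|{n}".encode()).digest()
    return int.from_bytes(h, "big") % ca_n

def issue(subject, n, ca_n, ca_d):
    """CA signs the binding between a subject name and a public key."""
    sig = pow(cert_digest(subject, n, ca_n), ca_d, ca_n)
    return {"subject": subject, "n": n, "sig": sig}

def client_accepts(cert, ca_n):
    """Client check: the CA signature must match the fields actually presented."""
    return pow(cert["sig"], E, ca_n) == cert_digest(cert["subject"], cert["n"], ca_n)

# Constructed toy keys built from Mersenne primes (far too small for real use).
CA_N, CA_D = keypair(2**127 - 1, 2**61 - 1)
SRV_N, SRV_D = keypair(2**107 - 1, 2**89 - 1)
MITM_N, MITM_D = keypair(2**31 - 1, 2**19 - 1)
SECRET = 0x1122334455667788  # constructed session secret chosen by the client
CERT = issue("bank.example", SRV_N, CA_N, CA_D)

def relay_unchanged():
    """Case 1: the middle party forwards the genuine certificate as-is."""
    accepted = client_accepts(CERT, CA_N)
    ciphertext = pow(SECRET, E, CERT["n"])  # client encrypts to the key in the cert
    server_reads = pow(ciphertext, SRV_D, SRV_N) == SECRET
    mitm_reads = pow(ciphertext, MITM_D, MITM_N) == SECRET
    return accepted, server_reads, mitm_reads

def swap_public_key():
    """Case 2: the middle party replaces the key but must reuse the CA signature."""
    forged = dict(CERT, n=MITM_N)
    return client_accepts(forged, CA_N)

if __name__ == "__main__":
    print("relay unchanged (accepted, server reads, mitm reads):", relay_unchanged())
    print("swapped key accepted by client:", swap_public_key())
```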