[security] security hole in signature algorithm
Dick Hardt
dick at sxip.com
Mon Nov 20 20:06:26 UTC 2006
Actually, it is not a MITM attack. The real user has been replaced by
a malicious user.
Per the rest of the thread, my understanding of the spec was
incorrect and there is no vulnerability.
-- Dick
On 20-Nov-06, at 11:45 AM, James A. Donald wrote:
> --
> Dick Hardt wrote:
> > Scenario
> > -------------
> > By manipulating the return_to parameter, an attacker can
> > impersonate another user at an RP.
> >
> > 1) Attacker goes to an RP and initiates an
> > authentication pretending to be http://victim.op.com.
> > RP sends the following parameters in the request:
> >
> > openid.return_to=http://rp.com/result?p=x
> > openid.identity=http://victim.op.com
> >
> > 2) The attacker modifies the parameters as such:
>
> This is a man in the middle attack. To launch a man in
> the middle attack, one generally poisons DNS or routing
> tables, which can be done, and often is done, but is not
> that easy or that common. One can also launch a man in
> the middle attack by interfering with the physical line
> coming from a particular home, or a particular
> institution.
>
> It is reasonable to provide security that fails to
> protect against a man in the middle attack, for such
> attacks are not the main threat, but the threat needs to
> be noted, and should be defended against if one can find
> a low cost way of doing so.
>
>
>
> --digsig
> James A. Donald
> 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
> Feg5WSMP+ZF9MK8mPWm1MPQga0yF7ZwzeRCB9rmH
> 4WstoiW2104UktEffclaA6DuFGBVF5+Pv9KN9JK/r
>
>
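The checks that decide whether the quoted scenario works are the ones an RP performs when the assertion comes back: it recomputes the signature over the fields listed in openid.signed (which include identity and return_to) under the association it holds with the OP it discovered for the claimed identity, and it compares return_to and identity against what it sent. The following is an added example, not code from this thread or from any OpenID library, modelled on the OpenID 1.1 association mechanism as I understand it (HMAC-SHA1 over the key-value form of the signed fields, base64-encoded). The association handles, secrets, session record and URLs are constructed for the demonstration.

```python
import base64
import hashlib
import hmac

# Constructed sample state for one RP: an association per OP it has talked to,
# keyed by assoc_handle -> (OP endpoint, shared HMAC secret), and the session the
# RP recorded when it built the request in step 1 of the quoted scenario.
ASSOCIATIONS = {
    "h-victim":   ("http://victim.op.com/server",   b"victim-op-shared-secret"),
    "h-attacker": ("http://attacker.op.com/server", b"attacker-op-shared-secret"),
}
SESSION = {
    "identity":    "http://victim.op.com",
    "op_endpoint": "http://victim.op.com/server",  # discovered from the identity URL
    "return_to":   "http://rp.com/result?p=x",
}
REQUIRED_SIGNED = ("mode", "identity", "return_to")


def kv_form(params, signed_fields):
    """Key-value form of the signed fields: 'name:value\\n' per field, in list order."""
    return "".join(f"{f}:{params.get('openid.' + f, '')}\n" for f in signed_fields)


def sign(secret, params, signed_fields):
    """Base64 HMAC-SHA1 over the key-value form, as in an OpenID 1.1 association."""
    mac = hmac.new(secret, kv_form(params, signed_fields).encode("utf-8"), hashlib.sha1).digest()
    return base64.b64encode(mac).decode("ascii")


def op_assertion(secret, handle, identity, return_to, signed=REQUIRED_SIGNED):
    """Build a positive assertion the way an OP does: sign the listed fields under its association secret."""
    params = {
        "openid.mode": "id_res",
        "openid.identity": identity,
        "openid.return_to": return_to,
        "openid.assoc_handle": handle,
        "openid.signed": ",".join(signed),
    }
    params["openid.sig"] = sign(secret, params, signed)
    return params


def rp_verify(params, associations=ASSOCIATIONS, session=SESSION):
    """Return 'ok' if the assertion is acceptable for this session, else the reason it is rejected."""
    signed = params.get("openid.signed", "").split(",")
    if not set(REQUIRED_SIGNED) <= set(signed):
        return "signature does not cover mode, identity and return_to"
    assoc = associations.get(params.get("openid.assoc_handle", ""))
    if assoc is None:
        return "unknown association handle"
    op_endpoint, secret = assoc
    # An attacker-run OP cannot vouch for an identity whose discovery led elsewhere.
    if op_endpoint != session["op_endpoint"]:
        return "association belongs to a different OP than the one discovered for the claimed identity"
    if not hmac.compare_digest(sign(secret, params, signed), params.get("openid.sig", "")):
        return "bad signature"
    # Both fields are under the signature, so they must also match what this RP sent.
    if params["openid.return_to"] != session["return_to"]:
        return "return_to does not match the URL this RP sent"
    if params["openid.identity"] != session["identity"]:
        return "identity does not match the one this session started with"
    return "ok"


if __name__ == "__main__":
    genuine = op_assertion(b"victim-op-shared-secret", "h-victim", SESSION["identity"], SESSION["return_to"])
    print("genuine assertion:", rp_verify(genuine))
    tampered = {**genuine, "openid.return_to": "http://rp.com/result?p=attacker"}
    print("return_to edited in transit:", rp_verify(tampered))
    forged = op_assertion(b"attacker-op-shared-secret", "h-attacker", SESSION["identity"], SESSION["return_to"])
    print("attacker's OP asserting the victim identity:", rp_verify(forged))
```

Editing return_to or identity after the OP has signed breaks the HMAC, and an assertion signed by an OP other than the one discovered for the identity is refused before the signature is even checked, which is why the manipulation in the quoted scenario does not yield an impersonation under these checks.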