On Thu Oct 21 22:11:50 2010, Alex Milowski wrote:
On Thu, Oct 21, 2010 at 2:00 PM, Dave Cridland <[email protected]>
wrote:
> On Thu Oct 21 20:08:42 2010, Alex Milowski wrote:
>>
>> Most simply, I want to be able to use something like DIGEST
>> authentication to keep the shared secret from being exposed. I
think
>> that is a simple request that is fairly straightforward to
accomodate.
>> A simple hash scheme doesn't protect against replay attacks and
so
>> we do need the challenge in the mix somehow.
>
> Who are you assuming, in this threat model, is doing the replay?
Anyone who has somehow intercepted traffic. One simple example
would
be a server that is logging stanzas for some reason.
Also, if someone's server has been compromised and they join the
protected room, the attacker now has the authentication stanza
sequence. With any kind of challenge whose response includes a
nonce
and uses a one-way hash, the attacker is going to have a much harder
time decoding the response (if they can at all) and attempting to
crack the secret. Of course, this depends on the method chosen.
They
most certainly can't use a replay attack.
But in these cases, the attacker can not only read, but spoof,
traffic. In which case they can at least insert traffic of their
choosing into a session.
Also, if they have the challenge and response in the clear, they can
perform a dictionary attack offline.
I suspect you're way past hashing the room's secret and well into at
least signing stanzas (and having a provisioning step for
certificates, optionally), if not encrypting them.
Dave.
--
Dave Cridland - mailto:[email protected] - xmpp:[email protected]
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
_______________________________________________
JDev mailing list
Forum: http://www.jabberforum.org/forumdisplay.php?f=20
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: [email protected]
_______________________________________________
