Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: "The End of SSL and SSH?"

From: Eric Rescorla <ekr () SPEEDY RTFM COM>
Date: Wed, 20 Dec 2000 23:38:35 -0800
Ajax <ajax () FIREST0RM ORG> writes:


On Wed, 20 Dec 2000, Crispin Cowan wrote:


Kurt Seifried wrote:

SSL, SSH, and PGP each took a different approach to addressing, if not
solving, the initial key placement problem, and each has its own
strengths & weaknesses:


Allow me to refer everyone to the SRP protocol (http://srp.stanford.edu/),
which accomplishes a cryptographically strong password exchange and uses
it to establish a session key.  This works by assuming you already have a
password stored on the remote host (you do, in /etc/shadow), and therefore
pushes the initial key placement problem up to account creation time,
which we assume is a secure event, right?

This is fine for replacing SSH, but it's not very useful for the
most common application of SSL--credit card submission. It's only
useful when the two parties have some prior arrangement.

Incidentally, SRP is only the latest in a long line of what
are known as "strong password protocols". The original one
of which is Bellovin and Merritt's EKE. For more than you ever
wanted to know about this topic check out:
http://www.integritysciences.com/

-Ekr
Previous By Date Next
Previous By Thread Next

Current thread: