Re: authentication (SRP*, DH, TLS)
- From: gmu2006@xxxxxxxxx
- Date: 15 Apr 2006 06:21:08 -0700
Paul Rubin wrote:
gmu2006@xxxxxxxxx writes:
ok, so when I implement TLS by using the socket redirectors
with let's say OpenSSL (already used for TLS in HTTPS) what
protocol-options or -features do I need to use/enable if I want
to be MITM-proof. if you tell me we need a PKI or a secret private
root cert for that it gets hard to deploy.
As is usual in sci.crypt discussions of this type, it would help if
you could say more about your application, like how many servers and
how many clients you expect to have, how they're going to be used
and what your key storage constraints are, etc.
the system consists of a master node and satellite nodes
when deployed in distributed mode. there can be 1...n clients
connecting to the services for user needs or administrative
needs. IIRC it with a root certificate it would be enough to
include the public part with the clients and ideally allow the
customers to add their own root certs or just run in "I trust
the server cert anyway as long as the hostname and
expire-date are OK"
mode.
Yes, every certificate needs a private key. "PKI" can mean an
elaborate hierarchy but it can also mean a simple CA like the perl
script included with OpenSSL. You get MITM protection by having a
good cert on at least one end, that the other end verifies. But of
course that doesn't authenticate the other end.
I could do this with a password or ala SSH public/private key
authentication which uses certs too, IIRC. this mechanism is not
bound to TLS and has to be done after establishing the link be it TLS
or not but will most probably make not much sense without TLS as
the secret will be on the wire. the big disadvantage is that someone
has to deploy the key(s) to all nodes and if you have to store the
private and public key on the same node as clients & services will
connect to service@node1 and node1 itself will need to connect to
services on the other nodes it gets hairy. I think it is possible to
minimize this down to each node connecting to the master node
only but the master node itself will have to connect to service@node1
and we have the same problem with storing both priv/pub key on the
same box. is there a way to do this while also authenticating the
access between the services on different nodes?
btw, what is the use of SRP-TLS?
SRP-TLS is TLS authenticated by passwords instead of certificates.
Again, the point or SRP is that you can use short passwords for
authentication instead of needing long phrases with lots of entropy.
That means SRP-TLS is good if both the client and server have to be
authenticated by a human typing a password. An example might be a
secure online chat application. It lets you get by with no
certificates. But in a system where you can have stored secret keys
with enough entropy, there's no need for the magic SRP protocol, so
you should use regular certificate-based authentication with certs on
both the client and server side.
ah, ok, thanks.
.
- Follow-Ups:
- Re: authentication (SRP*, DH, TLS)
- From: Paul Rubin
- Re: authentication (SRP*, DH, TLS)
- References:
- authentication (SRP*, DH, TLS)
- From: gmu2006
- Re: authentication (SRP*, DH, TLS)
- From: Joseph Ashwood
- Re: authentication (SRP*, DH, TLS)
- From: xmath
- Re: authentication (SRP*, DH, TLS)
- From: xmath
- Re: authentication (SRP*, DH, TLS)
- From: gmu2006
- Re: authentication (SRP*, DH, TLS)
- From: Paul Rubin
- authentication (SRP*, DH, TLS)
- Prev by Date: Re: Compression leads to encryption NEW COMPRESSION METHOD!
- Next by Date: Re: authentication (SRP*, DH, TLS)
- Previous by thread: Re: authentication (SRP*, DH, TLS)
- Next by thread: Re: authentication (SRP*, DH, TLS)
- Index(es):
Relevant Pages
|
