On Mon, 2014-03-24 at 04:27 +0100, Bas Wijnen wrote:
> On Sun, Mar 23, 2014 at 02:50:04AM +0100, Christoph Anton Mitterer wrote:
> > On Sat, 2014-03-22 at 13:42 +0000, Ivan Shmakov wrote:
> > > First of all, accepting some
> > > “random” certificates may give the users some false sense of
> > > security.
> >
> > This is true, and also a reason why I'm really convinced of the argument
> > encrypt/sign,... even if it's not trusted...
>
> I don't understand what you're saying here.

I just agreed with Ivan's opinion... right now many people say "it's better to do crypto, even if it's anonymous and you have no idea who you're talking to"... their reason is usually one of
- the attacker may miss the point where the communication starts and therefore the point where he could do an MitM
- even if the attacker does MitM, he would need more computing power (and therefore money) to decrypt everything.

The 2nd argument is IMHO very weak... and the first one... well this might help against some people just sniffing around there and then... but not against the big attackers like NSA & Co.

> No. The basis of a man in the middle attack is that both parties talk
> to you and think you are the other end of the communication. They
> encrypt their traffic against YOUR public key, instead of the actual
> recipient's key. If they encrypt it with the right key, you can see the
> encrypted traffic but not read it. You could modify the packets, but
> the only effect would be that they would fail to decrypt.

Sure... o.O
But that's just the point...
When an attacker sits on the line between A and B,.. and they don't encrypt... then obviously he can read/tamper with everything.
Now people say, "encryption still helps, even when it's anonymous - and that's the scenario we were talking about".
Does it really? If the attacker sits on the line between Alice and Bob (which he apparently does, since he was able to read the unencrypted stuff)... and if Alice and Bob don't verify their identities... then he can do MitM... just as you explained it above.

So I'd say... anonymous encryption does not really help that much... at least not against someone who constantly sits on the line and watches all traffic (which NSA&friends surely do).
It gives rather a wrong sense of security.

> A certificate authority does not provide the encryption keys. It only
> puts signatures on them. Without any CA, you can still encrypt if you
> have the target's public key.

Well sure.. but what do you want to tell us? Of course you can.. but nobody usually manually trusts X.509 certs (i.e. non-CA-certs).

> An evil CA cannot read your traffic (unless they are in
> the path of your communication).

Sure... but they can create any identity ... and getting somehow into the path of a communication.. or tricking one of the peers to a wrong path is usually the easier part.

Cheers,
Chris.
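The point argued above, as an added example that is not part of the original message: an unauthenticated ("anonymous") Diffie-Hellman exchange keeps a passive listener out, but an on-path party who swaps the public values ends up sharing a key with each side, and only an out-of-band fingerprint comparison reveals it. The toy group (P, G) and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy group, assumed for illustration only: far too small for real use.
P = 2**127 - 1
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def fingerprint(pub):
    # Short digest of a public value, meant to be compared out of band.
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:16]

def exchange(active_on_path):
    """Run one anonymous key exchange between Alice and Bob with a third
    party on the line, and report what each side ends up holding."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    m_priv, m_pub = keypair()  # key pair of the party on the line

    # A passive listener only sees a_pub and b_pub go by.
    # An active one replaces them with its own public value.
    seen_by_alice = m_pub if active_on_path else b_pub
    seen_by_bob = m_pub if active_on_path else a_pub

    k_alice = session_key(a_priv, seen_by_alice)
    k_bob = session_key(b_priv, seen_by_bob)
    # Everything the on-path party can derive from what it holds.
    m_keys = {session_key(m_priv, a_pub), session_key(m_priv, b_pub)}

    return {
        "endpoints_share_key": k_alice == k_bob,
        "on_path_has_alice_key": k_alice in m_keys,
        "on_path_has_bob_key": k_bob in m_keys,
        # Identity check: each side compares the fingerprint of the value
        # it received with the one the real peer states over another channel.
        "fingerprints_match": fingerprint(seen_by_alice) == fingerprint(b_pub)
        and fingerprint(seen_by_bob) == fingerprint(a_pub),
    }

if __name__ == "__main__":
    print("passive:", exchange(False))
    print("active: ", exchange(True))
```

Without the fingerprint comparison, neither endpoint in the active case has any signal that its session key is shared with the wrong party.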