macforge.org via https?
Landon Fuller
landonf at macports.org
Wed Jan 2 12:37:35 PST 2008
On Jan 2, 2008, at 10:40, Kevin Van Vechten wrote:
>
> On Dec 31, 2007, at 3:26 PM, Landon Fuller wrote:
>
>> But HTTP digest doesn't solve any of the problems that SSL solves:
>> - It is still vulnerable to a MITM attack. Your password is
>> hashed, but the hash is password-equivalent -- an attacker can
>> simply forward it on.
>
> Not really... the server sends a random nonce-value, and the client
> must include that in the hashed-response. Replay is not an issue.
>
> response = MD5(MD5(username : realm : password), nonce, MD5(method : uri))
>
> http://rfc.net/rfc2069.html
Replay isn't an issue, but that doesn't stop a MITM attack -- the
password-equivalent value is usable once.
Attack scenario:
Client requests a page that requires authentication.
MITM returns 301 redirect to the client. The redirect points to a
URL the MITM wishes to access.
Client automatically follows redirect. MITM passes the 401
Unauthorized response through, client authenticates using HTTP digest.
MITM has now successfully directed the client to a resource of its
choice, and acquired a single-use token. Can even be used to form
POST, via a crafted HTML page.
Nil chance of this happening at your home or internet cafe, but what
about a targeted attack at a technical conference? Given the wide use
and distribution of MacPorts, there is significant value in acquiring
project access.
>> - Digest authentication is indistinguishable from Basic
>> authentication -- your browser will display the same dialog
>> regardless of the authentication type.
>
> Safari distinguishes them; Basic authentication dialogs say the
> password will be sent in the clear.
Currently, trying to access http://www.macosforge.org/wp-login.php in
Safari says the following:
"Your password will be sent in the clear."
I don't have digest auth set up anywhere, so I can't test digest vs.
non-digest in Safari.
Firefox doesn't show any difference in the auth dialog -- I'd easily
log in using the basic auth. Also, does Safari refuse to auto-login if
the authentication type changes?
>> At best, it will prevent a passive attacker from acquiring your
>> password. Anyone engaging in an active MITM attack will have no
>> difficulty acquiring your password.
>
>
> I agree SSL provides additional security benefits, but digest
> authentication isn't as transparent as you indicate.
I still hold that it is -- digest auth makes passive sniffing
useless, but it doesn't prevent an active attack from acquiring your
password, especially if you're using a browser that fails to
differentiate between digest and basic auth.
-landonf
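To make the two positions in this thread concrete, here is an added example (not code from the thread or from MacPorts) of the RFC 2069 response computation quoted above, together with a small server-side verifier that issues one-time nonces. The realm, username and password are constructed sample values. It shows why a sniffed response cannot be replayed (it is bound to a nonce the server consumes, and to the method and URI), and also why that binding alone says nothing about who chose the URI the client authenticated to, which is the gap the redirect scenario above exploits.

```python
import hashlib
import secrets


def _md5_hex(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()


def digest_response(username, realm, password, nonce, method, uri):
    """RFC 2069 response = MD5(HA1 : nonce : HA2), where
    HA1 = MD5(username:realm:password) and HA2 = MD5(method:uri)."""
    ha1 = _md5_hex(f"{username}:{realm}:{password}")
    ha2 = _md5_hex(f"{method}:{uri}")
    return _md5_hex(f"{ha1}:{nonce}:{ha2}")


class DigestServer:
    """Minimal verifier: every nonce is single-use, and the response must
    match the method and URI of the request actually being served."""

    def __init__(self, realm, users):
        self.realm = realm
        self.users = users      # username -> password (constructed sample data)
        self.issued = set()     # nonces handed out and not yet consumed

    def challenge(self):
        nonce = secrets.token_hex(16)
        self.issued.add(nonce)
        return nonce

    def verify(self, username, nonce, method, uri, response):
        # Unknown or already-consumed nonce: a replayed capture stops here.
        if nonce not in self.issued:
            return False
        self.issued.discard(nonce)          # consume it even if the check fails
        password = self.users.get(username)
        if password is None:
            return False
        expected = digest_response(username, self.realm, password, nonce, method, uri)
        return secrets.compare_digest(expected, response)


def demo():
    server = DigestServer("macports", {"landonf": "hunter2"})   # constructed
    nonce = server.challenge()
    resp = digest_response("landonf", "macports", "hunter2", nonce, "GET", "/wp-login.php")
    first = server.verify("landonf", nonce, "GET", "/wp-login.php", resp)    # genuine use
    replay = server.verify("landonf", nonce, "GET", "/wp-login.php", resp)   # same token again
    nonce2 = server.challenge()
    resp2 = digest_response("landonf", "macports", "hunter2", nonce2, "GET", "/wp-login.php")
    wrong_uri = server.verify("landonf", nonce2, "GET", "/admin", resp2)     # bound to other URI
    return first, replay, wrong_uri
```

`demo()` returns `(True, False, False)`: the token works exactly once and only for the URI it was computed for, so an active attacker gains nothing from a capture unless the client can be steered to produce the token for the attacker's chosen URI in the first place.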