[ILUG] SSH dictionary attacks.

paul at clubi.ie paul at clubi.ie
Sun Aug 27 17:06:50 IST 2006 

On Sun, 27 Aug 2006, Aine Douglas wrote:

>> particularly can make such hardware expensive. Cheaper, smaller
>> 'smartcards' likely still allow a determined attacker to recover the
>> secret key (e.g. the credit card and "ChipKnip" banking smartcards
>> are vulnerable iirc).
>
> That is the basis for the majority of PKCS11 devices. Values go in,
> computation carried out on card, result comes out.

Reread the text you're replying to :).

> Technologies have moved on since you've learned this one. I'm not 
> sure about the opensource security toolkits, but the commercial 
> ones allow you to create encrypted memory allocations which avoid 
> this, and in those memory allocations, they specifically allocate 
> in physical memory and not virtual memory spaces else the 
> allocation returns an error and you can't do the operation. Check 
> out the Baltimore jcrypto api for more info.

That's nice, but the key is still accessible to the administrator. 
Which in many cases == the user (especially on windows machines). 
Further, even if the user does not have administrative rights, if 
they control the machine, they have administrative privileges if they 
want it.

Some thing to read up on is "Snake oil", google for that term + 
"Schneier".

I can categorically tell you that this software of Baltimore's has 0 
way of knowing whether or not it has been tampered it on common 
systems today. If anyone says it can (and I bet Baltimore *won't*) 
they are misinformed. It might be able to guard against unprivileged 
users, but that's not full tamper-protection.

> possibly hold. Just don't keep your eyes closed to the 
> possibilities forever, as the weaknesses expressed by yourself are 
> so obvious it is only a matter of time before someone addresses the 
> issue.

You mentioned the word "intractible". You point out that for some 
reason there's no open code to solve this problem, despite 
many commercial companies apparently having "solved" this problem.

Ask yourself why, and don't forget to google for:

 	snake oil Schneier

regards,
-- 
Paul Jakma	paul at clubi.ie	paul at jakma.org	Key ID: 64A2FF6A
Fortune:
All new:
 	Parts not interchangeable with previous model.

More information about the ILUG mailing list