|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: DH-CHAP
I think that we will have to decide if MIM and any other active attacks should be a major concern.
IMHO they are for (at least) the following reasons:
- wireless is be coming important and MIM attacks are so much simpler in this are
- bidirectional authentication is important as loading active content from an unauthenticated target is a major risk (imagine that you load a slightly modified OS from an impersonating target) and both target and initiator should be concerned about impersonators
DH-CHAP (or should I call it DB-CHAP?) used for bilateral authentication as 2 exchanges besides not "synchronizing" authentication is even more exposed to active attack than CHAP.
Julo
Home
Last updated: Fri Apr 12 12:18:20 2002
9631 messages in chronological order
|