RE: DH-CHAP

To: Yongge Wang <ywang@karthika.com>
Subject: RE: DH-CHAP
From: Bill Studenmund <wrstuden@wasabisystems.com>
Date: Fri, 12 Apr 2002 09:58:07 -0700 (PDT)
Cc: <ips@ece.cmu.edu>, <black_david@emc.com>
Content-Type: TEXT/PLAIN; charset=US-ASCII
In-Reply-To: <FOEDIAMMNNAJCNDKPAAPIEEKCAAA.ywang@karthika.com>
Sender: owner-ips@ece.cmu.edu

On Fri, 12 Apr 2002, Yongge Wang wrote:

> Thanks for all of your responses.
> 1. First a small clarification: this kind of attack is easy to mount
> than man-in-the-middle attack and is not a man-in-the-middle attack.

How is this not a man-in-the-middle?

Quoting your original note:

> When the attacker Carol intercepts the first message from the initiator
> to the target: "requesting for service". Carol will impersonate
> target and send her g^x and r to target (which she knows x and r).
...
> Now initiator will think that this g^x and r coming from the target
> and will generate g^y and H(password, ID, H(r, ID, g^xy)) to target.

Ahh.. It's not quite man-in-the-middle as you are impersonating the
target.

I'm not sure what to do about this.

Take care,

Bill

References:
- RE: DH-CHAP
  - From: "Yongge Wang" <ywang@karthika.com>

Prev by Date: iscsi : Rev 11-94
Next by Date: RE: DH-CHAP
Prev by thread: RE: DH-CHAP
Next by thread: RE: DH-CHAP
Index(es):
- Date
- Thread

Home

Last updated: Fri Apr 12 12:18:19 2002
9631 messages in chronological order