[jboss-jira] [JBoss JIRA] (JGRP-2133) ASYM_ENCRYPT / AUTH: prevent man-in-the-middle attacks on key exchange
Bela Ban (JIRA)
issues at jboss.org
Fri Nov 18 09:08:00 EST 2016
Bela Ban created JGRP-2133:
------------------------------
Summary: ASYM_ENCRYPT / AUTH: prevent man-in-the-middle attacks on key exchange
Key: JGRP-2133
URL: https://issues.jboss.org/browse/JGRP-2133
Project: JGroups
Issue Type: Feature Request
Reporter: Bela Ban
Assignee: Bela Ban
Fix For: 4.1
When a new member fetches the shared (secret) key from the keyserver (coordinator), the requester sends ist public key with the key request and the keyserver encrypts the secret key with the requester's public key, so that only the requester can decrypt the message with its private key.
However, this initial exchange of the shared key is prone to MIM attacks [1]. The same applies to AUTH and asymmetric authentication, e.g. challenge-response.
Goal: replace the secret key exchange in ASYM_ENCRYPT and ChallengeResponseToken with code that is not prone to MIM attacks.
Possible solutions:
* Diffie-Hellman-Merkle to establish a secret session key only for the key exchange (not used after that).
* Use of certificates: public keys sent with the initial shared key request are signed by the CA and verified by the keyserver when a shared key request is received
\[1\] https://en.wikipedia.org/wiki/Man-in-the-middle_attack
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list