User: Password:
Subscribe / Log in / New account

The case of the fraudulent SSL certificates

The case of the fraudulent SSL certificates

Posted Mar 24, 2011 18:07 UTC (Thu) by nybble41 (subscriber, #55106)
In reply to: The case of the fraudulent SSL certificates by giraffedata
Parent article: The case of the fraudulent SSL certificates

You try to connect to PayPal. The bad guy intercepts your connection and forwards the traffic to/from the real PayPal site. This is essentially the definition of MITM.

Normally, SSL/TLS would prevent the MITM from observing the cleartext of the traffic, since (a) the MITM needs the proper private key to decrypt what you're sending, and (b) the client verifies that the public key used to encrypt outgoing traffic corresponds to the domain name. The bad guy can only observe the unencrypted traffic by substituting a different certificate, one which would not be approved by a registered CA for use with that domain, thus giving away the MITM attack.

The existence of a fraudulent certificate nullifies (b), since the client will see a certificate certified for the right domain name, but (presumably) the bad guy has the corresponding private key and can thus decrypt the traffic (and re-encrypt it with the right certificate before forwarding it to PayPal, or visa-versa).

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds