openssl phishing : V claims to be A

怎甘沉沦 提交于 2019-12-12 03:07:33

问题


there are several components of my application, needs their communication secure in the sense Origin Verified. these components cannot share a common secret. So I have to opt for asymmetric key encryption. assuming I've two components A and B A sends some data F to B and B has to verify that it really came from A

A generates digest H of F with its private Key
A attaches A_pub, H to its request Parameters, sends F and declares origin/sender as A
B verifies the digest H with the A_pub provided against F

apparently it looks Okay But if some other component V does the same with V_pub and claims itself as A, B still thinks the request came from A as this H is made with V_prv openssl verifies Okay.

I want to give protection against this attack of V

I am using ecparam secp112r1 to minimize key length. and keys are repeatedly changed.

-- EDIT --

A, B and V are application components identified by unique URI. Its currently intended to constraint secure page flow. e.g. you can assume A, B, V be urls What I want is Only A can procced to B and only B can proceed to C .... and I don't want to maintain a global/application wide session for that. so If B can just verify the origin of this link based on the special parameters A have passed to it in a state/session-less manner. and the more generic it can be the more reusable it will be to implement in other scenarios too.

Once I thought to maintain a checksums of A_pub in a trusted global storage. however I am afraid wouldn't that be an over engineering ?

another way comes in my mind is to query back the origin url regarding the public key. However I want to avoid that.


回答1:


This technique cannot verify the identity of the sender, only that the keys are a matching pair.

Typically, B would already possess some piece of trusted information that it can use to validate A's identity. The information is generally a copy of A_pub that it had previously validated, or that has been signed by a trusted third party, in which case B must have access to that third party's public key.

Without this additional information, B cannot verify the identity of A.



来源:https://stackoverflow.com/questions/9957562/openssl-phishing-v-claims-to-be-a

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!