Public storage for public keys

Ed Phillips ed at UDel.Edu
Tue Jan 15 09:26:01 EST 2002


On Mon, 14 Jan 2002, Frank Cusack wrote:

> Date: Mon, 14 Jan 2002 13:45:19 -0800
> From: Frank Cusack <fcusack at fcusack.com>
> To: Michael Tokarev <mjt at tls.msk.ru>
> Cc: openssh-unix-dev at mindrot.org
> Subject: Re: Public storage for public keys
>
> On Mon, Jan 14, 2002 at 11:42:07PM +0300, Michael Tokarev wrote:
> > Markus Friedl wrote:
> > >
> > > how can you trust ldap? or dns?
> >
> > How you can trust public pgp keyservers?
> >
> > On another side, for storing *public* keys, there is no
> > *real* need to be *so* suspicious.
>
> Storing pgp keys is a completely different animal.  pgp has its
> own trust model and doesn't depend on the trustworthiness of the
> key distribution.  ssh keys, on the other hand, do not have
> this quality.
>
> >  Saved pubkeys protects from man-in-the-middle attacks.
>
> Yes, saved in a trusted location (ie, local file system).
> A key in DNS is not trustworthy, since DNS is easily
> compromised.

Just for giggles, let's say we're distributing public host keys via DNS,
and JH (Joe Hacker) is trying to use this as an advantage to break into a
system that is trusting the DNS-supplied public keys.  In order to cause a
compromise, JH would need to somehow convince a system running the ssh
client (system A) that the sshd server it THOUGHT it was connecting to
(system B) is the real thing when really it is not.  In order to do this,
JH would have to first, intercept DNS traffic from A DNS and return a
spoofed public host key for system B (okay - that should be easy enough
for JH).  Then the hard part - JH would have to play man-in-the-middle
between A and B enough to convince A that the spoofed host key for B is
okay... but how can JH do this without knowing the REAL private host key
for system B?  What am I missing?

Thanks,

	Ed

Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082
Systems Programmer III, Network and Systems Services
finger -l ed at polycut.nss.udel.edu for PGP public key
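The trust question in this message (can JH get A to accept a spoofed host key for B without holding B's real private key?) can be made concrete with a small simulation. This is an added example, not code from the thread or from OpenSSH: it uses toy textbook RSA with constructed tiny primes, constructed keys for host B and for JH, and hypothetical helper names, and compares a client that takes its expected key from a DNS answer against one that takes it from a locally pinned known_hosts entry.

```python
import hashlib

# Toy textbook RSA with tiny constructed primes: insecure, used only to make
# "proving possession of the private host key" concrete and runnable.
def toy_keypair(p, q, e=17):
    n = p * q
    return (e, n), (pow(e, -1, (p - 1) * (q - 1)), n)  # (public, private)

def _digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(priv, msg):
    d, n = priv
    return pow(_digest(msg, n), d, n)

def verify(pub, msg, sig):
    e, n = pub
    return pow(sig, e, n) == _digest(msg, n)

# Constructed keys: host B and Joe Hacker (JH) each own a keypair.
B_PUB, B_PRIV = toy_keypair(61, 53)
JH_PUB, JH_PRIV = toy_keypair(71, 67)

# The client's local, trusted known_hosts store (hypothetical, constructed).
KNOWN_HOSTS = {"B": B_PUB}

def ssh_connect(expected_key, peer_pub, peer_priv, nonce=b"constructed-nonce"):
    """Client side of the host-key check. The peer presents a public key and
    proves possession of its private half by signing the client's challenge;
    the client accepts only if the presented key is the one it expects for B."""
    proof = sign(peer_priv, nonce)
    return peer_pub == expected_key and verify(peer_pub, nonce, proof)

def connect_with_dns_trust(dns_answer, peer_pub, peer_priv):
    # Client takes whatever key the DNS answer says is B's key.
    return ssh_connect(dns_answer, peer_pub, peer_priv)

def connect_with_known_hosts(peer_pub, peer_priv):
    # Client uses the key pinned in its trusted local known_hosts entry.
    return ssh_connect(KNOWN_HOSTS["B"], peer_pub, peer_priv)
```

Run with an honest DNS answer and the real B, both clients accept; with a spoofed DNS answer carrying JH's key and JH sitting in the middle with his own private key, only the DNS-trusting client accepts, while presenting B's public key without B's private key fails in both modes.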
