如何防止在受到攻击的服务器的情况下的中间人攻击? [英] How to prevent a man-in-the-middle attack in case of a compromised server?
问题描述
假设服务器正在向其合作伙伴提供用户的公钥,以使加密通信成为可能。但是,服务器不能访问私钥。
Imagine that a server is serving public keys of the users to their partners to make encrypted communication possible. However, the server does NOT have access to the private keys..
无论如何 - 假设服务器被黑客攻击,并且不发送请求的公钥:
Anyway - imagine the server is hacked and it sends not the requested public keys:
Alice请求Bob的公钥
服务器发送 Eve的公钥
Bob请求Alice的公钥
服务器发送 Eve 公钥
Bob requests Alice's public key
Server sends Eve's public key
Bob
服务器解压邮件,读取并重新打包 - >发送给Bob ...
Alice sends a message to Bob
Server unpacks message, reads it and repacks it -> sends to Bob...
Bob向Alice发送邮件
服务器解包邮件,读取它并重新打包 - >发送到Alice ...
Bob sends a message to Alice
Server unpacks message, reads it and repacks it -> sends to Alice...
我的问题是 - 如何防止这种滥用?
My question is - how to prevent such abuse? How can Alice be sure that she's using Bob's public key and vice versa?
推荐答案
在您刚才建议的计划下,您可以 t。
Under the scheme you just proposed, you can't. The key here (no pun intended) is if the method used to verify the validity of the keys is compromised, you lose.
SSL尝试通过创建签名来避免这种情况(如果用于验证密钥有效性的方法)链 - 一些(非常仔细地保护,并通过其他方法验证)键标志另一个键,签署另一个键,标志爱丽丝的钥匙。通过验证链中的每个步骤,你可以(原则上)知道链是有效的 - 但是如果链中任何步骤的私钥被破坏,你就会失去。
SSL tries to avoid this by creating a signature chain - some (very carefully guarded, and verified by other methods) key signs another key, signs another key, signs Alice's key. By verifying each step in the chain you can (in principle) know that the chain is valid - but if the private key along any step in the chain is compromised, you lose.
PGP(aka GPG)尝试以不同的方式解决问题,但是类似的方式 - 键可以通过任何数量的其他键签名,形成一个图形(称为 web of trust )。您可以选择已确认有效的某些键,例如,亲自验证 ,并将其标记为可信。然后任何可到达不到N步(和/或来自不同受信根的M个不同路径)的密钥也被视为有效。
PGP (aka GPG) tries to solve the problem in a different, but similar way - keys can be signed by any number of other keys, forming a graph (called the web of trust). You select some keys that you have confirmed valid by, for example, verifying them in person, and mark them as trusted. Then any keys reachable by less than N steps (and/or from M distinct paths from different trusted roots) are also considered valid.
如果你真的偏执,当然,可以把钥匙交给他人。当然,他们必须确保它不是一个伪装成你的人...
If you're really paranoid, you can, of course, physically hand the key to the other person. Of course, they have to be sure it's not someone disguised as you...
这就是说,唯一真正的万无一失的验证一个键的有效性的方法是生成它自己...除非你的硬件/操作系统/编译器/大脑也受到影响:)
That said, the only truly foolproof way of verifying the validity of a key is generating it yourself... unless your hardware/OS/compiler/brain is compromised too :)
这篇关于如何防止在受到攻击的服务器的情况下的中间人攻击?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
