Re: [Exim] SMTP authentication with public-key (PGP/GPG)?

Top Page
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: exim-users
Subject: Re: [Exim] SMTP authentication with public-key (PGP/GPG)?
On 2000-11-08 at 11:10 +0100, Daniel Dorau gifted us with:
> I'm looking for a secure way to do SMTP authentication. There are
> two things I would like to have taken care of:


See the recent testing releases.

> The server generates a challenge string. The client takes this
> string and adds his username to this string (challenge\nusername)
> and signs this resulting string with his private (PGP/GPG or
> whatever) key. The result is sent back to the server which uses
> the username to lookup the public key from that user and checks
> the signature. Note that the server does not need to know his own
> challenge when checking the signature. The challenge is only
> needed to have the client generate a different signature each time,
> so sniffing it won't help.


Vulnerable to replay attacks.

The server _does_ need to know its own challenge string, otherwise
someone who can sniff the connection could just resend the response at
a later point - it would still be a valid signing. Try having a random
challenge, which is remembered, and possibly also things like timestamps
in there. I dunno - I'm no cryptanalyst.

And then you need to hack support into each and every MUA which you want
to use it - if you want to promote this, you'd probably be better off
asking on the nearest relevant IETF list, and perhaps end up starting a
new Working Group.

>                                                       private key

>
>           <-----------------------------------------
>                send signed "$challenge\nusername"

>
>    lookup users
>    public key and
>    check signature

>
>
> Maybe it is sufficient to only sign the challenge and send back the
> signed challenge as "signature:" response.
>
> I hope you got the idea now. The pam module called with "challenge"
> generates a challenge string.
> When called with "check" it looks up the public key and checks the
> signature.
>
> Do you think this is possible using the plaintext(LOGIN) driver?
> (In using the LOGIN method, I see the only way to transmit the
> challenge string to the client)
>
> What do you think about it?
>
> -- 
> Daniel Dorau                                      woodst@??? 
> << Linux is like living in a tipi: No windows, no gates, Apache inside >>
>        PGP key available, send mail with 'Subject: send pgp key' 
>             fingerprint: 8D7E0B2F9E2E5338  DB7B24742E8B2EAE 

>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##


--
Civilisation: where they cut down the trees and name streets after them.