On 2000-11-08 at 11:10 +0100, Daniel Dorau gifted us with:
> I'm looking for a secure way to do SMTP authentication. There are
> two things I would like to have taken care of:

See the recent testing releases.

> The server generates a challenge string. The client takes this
> string and adds his username to this string (challenge\nusername)
> and signs this resulting string with his private (PGP/GPG or
> whatever) key. The result is sent back to the server which uses
> the username to lookup the public key from that user and checks
> the signature. Note that the server does not need to know his own
> challenge when checking the signature. The challenge is only
> needed to have the client generate a different signature each time,
> so sniffing it won't help.

Vulnerable to replay attacks.

The server _does_ need to know its own challenge string, otherwise
someone who can sniff the connection could just resend the response at
a later point - it would still be a valid signing. Try having a random
challenge, which is remembered, and possibly also things like timestamps
in there. I dunno - I'm no cryptanalyst.

And then you need to hack support into each and every MUA which you want
to use it - if you want to promote this, you'd probably be better off
asking on the nearest relevant IETF list, and perhaps end up starting a
new Working Group.

> private key
>
> <-----------------------------------------
> send signed "$challenge\nusername"
>
> lookup users
> public key and
> check signature
>
>
> Maybe it is sufficient to only sign the challenge and send back the
> signed challenge as "signature:" response.
>
> I hope you got the idea now. The pam module called with "challenge"
> generates a challenge string.
> When called with "check" it looks up the public key and checks the
> signature.
>
> Do you think this is possible using the plaintext(LOGIN) driver?
> (In using the LOGIN method, I see the only way to transmit the
> challenge string to the client)
>
> What do you think about it?
>
> --
> Daniel Dorau woodst@???
> << Linux is like living in a tipi: No windows, no gates, Apache inside >>
> PGP key available, send mail with 'Subject: send pgp key'
> fingerprint: 8D7E0B2F9E2E5338 DB7B24742E8B2EAE
>
--
Civilisation: where they cut down the trees and name streets after them.
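
The replay problem discussed in this thread, as an added example that is not part of the original messages: a check that trusts whatever challenge the client sends back accepts a sniffed response a second time, while a server that remembers each challenge, expires it and accepts it once does not. HMAC-SHA256 stands in for the PGP signature so the code runs on the Python standard library alone; the names, the key store and the 60-second lifetime are assumptions.

```python
import hashlib
import hmac
import secrets
import time

# Constructed sample key store. HMAC-SHA256 stands in for the PGP signature
# (assumption) so the example needs nothing beyond the standard library.
USER_KEYS = {"daniel": b"constructed-demo-key"}
CHALLENGE_TTL = 60  # seconds a challenge stays valid (assumed value)


def sign(key, challenge, username):
    """Client side: sign "challenge\\nusername" as in the proposal."""
    msg = challenge.encode() + b"\n" + username.encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def signature_ok(username, challenge, signature):
    """Look up the user's key and verify the signature over the challenge."""
    key = USER_KEYS.get(username)
    if key is None:
        return False
    return hmac.compare_digest(sign(key, challenge, username), signature)


def stateless_check(username, challenge, signature):
    """Proposal as written: the server does not remember its challenge."""
    return signature_ok(username, challenge, signature)


class StatefulServer:
    """Server that remembers each random challenge and accepts it once."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # challenge -> expiry time

    def issue_challenge(self):
        challenge = secrets.token_hex(16)
        self._pending[challenge] = self._clock() + CHALLENGE_TTL
        return challenge

    def check(self, username, challenge, signature):
        # pop() makes the challenge single-use, whether or not the check passes.
        expiry = self._pending.pop(challenge, None)
        if expiry is None or self._clock() > expiry:
            return False
        return signature_ok(username, challenge, signature)
```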