[openssl-dev] [openssl.org #3744] Enhancement Request
lists
lists at rustichelli.net
Fri Mar 13 11:35:47 UTC 2015
On 03/11/2015 01:28 PM, Shawn Fernandes via RT wrote:
> Hi,
> At the moment, we have the SSL handshake making use of a single certificate, using the single key pair present in the certificate.
> In the event the MITM has the same certificate (SSL offloader), then the data can be encrypted/decrypted.
> Would like to know if we can have the enhancement of using a random key pair, generated from each certificate, so that each SSL handshake would make use of a random key pair, and thereby give a different key value to each encryption/decryption, and thereby be able to determine if the MITM with the same certificate has decrypted & encrypted data.
> With Regards,
> Shawn
I'm not an expert here, but I must share a couple of considerations that
the master of cryptography may want to reject or amend:
- if we're talking of non-mutual X509 authentication, that is, just the
server has a certificate, the solution would be ineffective against a
determined attacker who possesses the server certificate, because it
would be possible for the MITM to fully impersonate the server. The
MITM would talk with both parties using random keys.
- from a general security perspective, it is always bad when a private key
is compromised.
Mutual authentication would help, yes, but you're navigating
dangerous waters anyway.
- TLS-SRP, in my understanding, involves a pre-shared secret, which
is not, most often, a viable solution.
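The two points above (a holder of the same certificate key passes any per-handshake check, and mutual authentication changes that) can be modelled directly. The following is an added illustration, not code from the thread or from OpenSSL: it assumes the `cryptography` package, uses Ed25519 keys as stand-ins for the certificate keys, and uses 32 random bytes as a stand-in for the per-handshake ephemeral value that TLS would carry in a DH/ECDH key share.

```python
import os
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey

# Constructed long-term keys, standing in for the server's and the client's
# certificate key pairs (assumption: Ed25519 instead of a real X.509 key).
SERVER_CERT_KEY = Ed25519PrivateKey.generate()
CLIENT_CERT_KEY = Ed25519PrivateKey.generate()

def server_flight(cert_key):
    """Whoever holds the certificate key can do this: pick a fresh random
    per-handshake value (stand-in for an ephemeral DH public key) and sign it."""
    eph_pub = os.urandom(32)
    return eph_pub, cert_key.sign(eph_pub)

def client_checks_server(server_cert_pub, eph_pub, sig):
    """Client side: is this fresh value signed by the server's certificate key?"""
    try:
        server_cert_pub.verify(sig, eph_pub)
        return True
    except InvalidSignature:
        return False

def client_flight(client_cert_key, transcript):
    """Mutual auth: the client signs the handshake it saw (the server's ephemeral
    value), as the TLS CertificateVerify message signs the handshake transcript."""
    return client_cert_key.sign(transcript)

def server_checks_client(client_cert_pub, own_eph_pub, sig):
    """Server side: the client's signature must cover the server's OWN value."""
    try:
        client_cert_pub.verify(sig, own_eph_pub)
        return True
    except InvalidSignature:
        return False

def one_way_auth_detects_mitm(mitm_key):
    """Server-only auth: a MITM holding mitm_key answers the client itself.
    Returns True if the client rejects that flight."""
    eph, sig = server_flight(mitm_key)
    return not client_checks_server(SERVER_CERT_KEY.public_key(), eph, sig)

def mutual_auth_detects_mitm(mitm_key):
    """Same MITM, but the client also signs what it saw. The MITM must relay that
    signature to the real server, which checks it against its own ephemeral value
    (not the one the MITM showed the client). Returns True if either side rejects."""
    real_eph, _ = server_flight(SERVER_CERT_KEY)          # real server's flight
    mitm_eph, mitm_sig = server_flight(mitm_key)          # what the client sees
    if not client_checks_server(SERVER_CERT_KEY.public_key(), mitm_eph, mitm_sig):
        return True
    client_sig = client_flight(CLIENT_CERT_KEY, mitm_eph)
    return not server_checks_client(CLIENT_CERT_KEY.public_key(), real_eph, client_sig)
```

With server-only authentication the random per-handshake value gives the client nothing to distinguish the real server from a holder of the same key; with the client signing the transcript, the substituted value is caught by the real server unless the MITM also holds the client's key.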