[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: No matter where you go, there they are.
Well, we've pretty throughly convinced ourselves that Denning's scheme can be
spoofed (I'm convinced, anyway.)
It's actually worse than useless - it's a substantial security breach.
To spoof being at a location, Mallory needs to know the location he is trying to spoof.
With S/A off (as I understand it is now), he need to know the location within a couple
meters, in three dimensions.
Such precise location data is usually difficult to obtain, without actually visiting the
site and recording the location using GPS. Mallory might be able to work out, for example,
the location of the desk in the Oval office to that precision by triangulation (though
setting up theodolites on Massachusetts Avenue may attract some attention :-)
However, I defy him to find the location of a specific PC in NSA headquarters, or in a
secured communications facility without actually visiting the desk
carrying a GPS receiver (which he won't be allowed to do, unless he's got a
damn good reason).
However, since the protocol requires that Alice send out location data, once
she starts using it she reveals her physical location to Eve, Mallory, and anyone ese
who can see the packets. Since the nature of the protocol is that Alice's location does
not change frequently (and needs to transmitted via a trusted channel to Bob when it
does), after the first usage Mallory *knows* the physical location he is trying to
simulate, and can use this information for future spoofing.
The upshot of this is that Denning's scheme not only provides no security against
spoofing, and leaks potentially sensitive data about locations.
If Sadaam Huissain (sp?) had used this scheme during the Gulf War, we'd have been
able to send a cruise missile directly to his keyboard.
[These flaws in the protocol seem so obvious that I can't help but wonder if we're
missing something - Dorothy isn't *that* stupid.]
Peter Trei
[email protected]