Re: Digest mess

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: John Franks: "Re: Digest mess"
• Previous message: Larry Masinter: "Re: Digest mess"

Note the temporary mailing list: ietf-http-wg@w3.org

On Fri, 19 Dec 1997, Scott Lawrence wrote:

> 
>> John Franks:
> 
>> It is the client who must be concerned about reused nonces to avoid
>> a replay attack.  To avoid a replay attack the client would have to
>> keep a data base of all previous nonces and make sure they are not 
>> reused.
> 
> No - it only needs to keep the nonce it used for the outstanding
> request; if that does not produce the correct digest then it is not
> valid even if it would have been valid for some earlier request.  
> 

Maybe I am not understanding you.  It seems to me that if a client,
for example, regularly places an order and receives and acknowledgement
there is a possible replay attack.  

If an intermediary attacker intercepts the order he can impersonate
the server and offer a nonce from a previous transaction.  The client
then submits the order which is grabbed by the attacker and then the
attacker replays a previous acknowledgement with the dates changed.  A
similar attack might involve sending a fake 304 when in fact the
resource has changed.  This is what hash dates is supposed to prevent.
Am I missing something.

John Franks
john@math.nwu.edu

• Next message: John Franks: "Re: Digest mess"
• Previous message: Larry Masinter: "Re: Digest mess"