undefined | Better HN

0 pointsjlund11y ago0 comments

That's like saying that SSH isn't more secure than Telnet unless you personally drive to the data center and verify the fingerprints of every single server by hand.

In reality, TOFU is a form of key verification and it is highly effective against MITM attacks because there's no way for an adversary to reliably determine whether or not a user is seeing a fingerprint for the first time. If at any point the fingerprint changes, the users are warned.

Users can also easily check and compare fingerprints too. They are not mutually exclusive.

0 comments

3 comments · 1 top-level

StavrosK11y ago· 2 in thread

I'm talking about absolute terms and you're replying with relative terms. I didn't say that SSH isn't more secure than telnet, I said that you can't be secure against an active MITM unless you verify the keys. That's a fact, I'm not sure how one can argue against it.

Sure, TOFU is better than nothing, and might even be very good, but there's still a way for an active adversary to MITM you.

jlundOP11y ago

Yeah, I don't think we actually disagree. Key verification is important, which is why it's a feature in Signal.

In order for an active adversary to perform a successful MITM attack against a TOFU scheme they would need to successfully determine when someone is seeing a fingerprint for the first time (or get lucky) and then successfully maintain their MITM position across every single network the device uses, forever. If they fail at either of those, the user will be warned.

I keep bringing up SSH because it's an example of a fingerprint verification system based on TOFU that works incredibly well at preventing MITM attacks. No one is having key signing parties with their servers, and yet connections remain secure.

StavrosK11y ago

I agree, but it's much easier for me to tell a friend "hey is this your key?" when we're together than go all the way up to my server and connect directly to it. That's why I think that there should be a UI element that says "you're pretty secure, but if you just check this you're golden".

j / k navigate · click thread line to collapse