
In the SSL diagram below:

I have one doubt about 1-way SSL. Suppose there is an interceptor between the client and the server who can alter things in the following way:

  • In step 8, when the client is sending its symmetric key to the server, encrypted with the server's public key, the interceptor ignores the client's message and instead sends its own key using the same server public key. This way the server will think that the interceptor is the actual client.
  • In step 14, the interceptor can ignore the actual client data and instead generate its own data (even the HMAC) with its own key, and the server will accept this request too, as the server has only the interceptor's key.

This way someone can always mock a client and send its own data instead of the actual client's.

Since in 1-way SSL we are not verifying client authenticity, can someone alter SSL in the above way? Am I missing anything big?

  • This is just the interceptor talking to the server and ignoring the client. It can already talk to the server without the client involved, so there's no difference there. It is not performing man in the middle since it is not pretending to be the server. – Marc Jul 13 '20 at 07:02
  • @Marc but the actual client thinks that he is hitting the server and that it is getting processed by the server. – Rajat Goyal Jul 13 '20 at 07:28
  • I'm not sure why you are asking again. I've already pointed out in my comment to your same question on SO that this question already has an answer here. The attacker simply cannot manipulate the handshake without the client noticing and thus your attack idea will not work. – Steffen Ullrich Jul 13 '20 at 07:30
  • The client will absolutely not think that; its side of the handshake will fail since the interceptor does not have the server's private key and cannot use its own. I recommend you read and understand the overview on Wikipedia. – Marc Jul 13 '20 at 07:44
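As an added illustration of the point made in the comments (this is not code from the question or its commenters): a stdlib-only Python model of the TLS 1.2 RSA key exchange in which the public-key encryption and the PRF are simplified stand-ins and the random values are constructed. The server happily accepts the interceptor's Finished (it is simply talking to the interceptor, as Marc says), but the real client, deriving its master secret from the premaster it actually sent, rejects the server's Finished and aborts the handshake.

```python
import hashlib
import hmac

class EncryptedToServer:
    """Stand-in for RSA encryption to the server's public key: only the server
    reads .premaster; .wire stands in for the ciphertext bytes on the wire."""
    def __init__(self, premaster: bytes):
        self.premaster = premaster
        self.wire = hashlib.sha256(b"envelope|" + premaster).digest()

def prf(secret: bytes, label: bytes, seed: bytes) -> bytes:
    """Stand-in for the TLS 1.2 PRF: a single HMAC-SHA256."""
    return hmac.new(secret, label + seed, hashlib.sha256).digest()

def finished(master: bytes, label: bytes, transcript: list) -> bytes:
    """Finished = PRF(master, label, Hash(every handshake message this party saw))."""
    return prf(master, label, hashlib.sha256(b"".join(transcript)).digest())

def run_handshake(attacker_substitutes_key: bool) -> dict:
    client_random, server_random = b"C" * 32, b"S" * 32   # constructed values
    hellos = [client_random, server_random]
    # Step 8: the client encrypts its premaster secret to the server's public key.
    client_pms = b"\x03\x03" + b"c" * 46
    sent_cke = EncryptedToServer(client_pms)
    recv_cke = sent_cke
    if attacker_substitutes_key:
        # The interceptor drops the client's message and encrypts its own premaster.
        recv_cke = EncryptedToServer(b"\x03\x03" + b"a" * 46)
    # Each side hashes the ClientKeyExchange bytes *it* saw into its own transcript.
    client_view = hellos + [sent_cke.wire]
    server_view = hellos + [recv_cke.wire]
    seed = client_random + server_random
    client_master = prf(client_pms, b"master secret", seed)
    server_master = prf(recv_cke.premaster, b"master secret", seed)
    # Step 14: client Finished. An interceptor that swapped the key can also swap
    # the Finished, computing it with its own premaster over the server's view.
    client_sent_fin = finished(client_master, b"client finished", client_view)
    recv_fin = client_sent_fin
    if attacker_substitutes_key:
        recv_fin = finished(server_master, b"client finished", server_view)
    server_ok = hmac.compare_digest(
        recv_fin, finished(server_master, b"client finished", server_view))
    # The server's Finished covers its whole transcript, including the Finished it got.
    server_fin = finished(server_master, b"server finished", server_view + [recv_fin])
    # The real client verifies it with the master secret derived from the premaster
    # it actually sent; nobody without that premaster can produce a matching value.
    expected = finished(client_master, b"server finished", client_view + [client_sent_fin])
    client_ok = hmac.compare_digest(server_fin, expected)
    return {"server_accepted_client_finished": server_ok,
            "client_accepted_server_finished": client_ok}
```

Run `run_handshake(True)` to see the substitution case: the server-side check passes, the client-side check fails, which is the "client noticing" that Steffen Ullrich refers to.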
