Showing papers on "Legacy mode published in 2002"

Man-in-the-Middle in Tunneled Authentication Protocols

Abstract: Recently new protocols have been proposed in the IETF for protecting remote client authentication protocols by running them within a secure tunnel. Examples of such protocols are PIC, PEAP and EAP-TTLS. One goal of these new protocols is to enable the migration from legacy client authentication protocols to more secure protocols, e.g., from plain EAP type to, say, PEAP. In these protocols, the security of the subsequent session credentials are based only on keys derived during the unilateral authentication where the network server is authenticated to the client. Client authentication is mentioned as an option in PEAP and EAP-TTLS, but is not mandated. Naturally, the PIC protocol does not even oer this option, because the goal of PIC is to obtain credentials that can be used for client authentication. In addition to running the authentication protocols within such tunnel, it should also be possible to use them in legacy mode without any tunneling so as to leverage the legacy advantages such as widespread use. In this paper we show that in practical situations, such a mixed mode usage opens up the possibility to run a man-in-the-middle attack for impersonating the legitimate client. For those well-designed client authentication protocols that already have a sucient level of security, the use of tunneling in the proposed form is a step backwards because they introduce a new vulnerability. The problem is due to the fact that the legacy client authentication protocol is not aware if it is run in protected or unprotected mode. We propose to solve the discovered problem by using a cryptographic binding between the client authentication protocol and the protection protocol.

Integration of legacy client-server applications in a secure multi-tier architecture

Abstract: Presents a CORBA-based multi-tier architecture which is capable of adding security to an existing service. We assume the legacy application is available as a compiled program consisting of a client and a server module. Under these assumptions, we show how to build a new system which re-integrates the original service and secures it. The architecture we propose is quite flexible and represents a framework which can be adopted - with minor changes - for improving the security level of a wide class of legacy systems. A system prototype has been developed and its performance evaluated. The prototype uses digital certificates which can be provided by virtually any certification authority. A fundamental advantage of the proposed approach is that the legacy server is integrated in the secure system with no changes being made to it. This minimizes the development effort, since full reuse of existing software is achieved. Furthermore, backward compatibility is preserved, since it is possible to integrate the new clients with the pre-existing applications, protecting the investment in legacy systems.