Off-Path Hacking: The Illusion of Challenge-Response Authentication

Author

Gilad, Yossi ; Herzberg, Amir ; Shulman, Haya

Volume

12

Issue

5

fYear

2014

fDate

Sept.-Oct. 2014

Firstpage

68

Lastpage

77

Abstract

Everyone is concerned about Internet security, yet most traffic isn´t cryptographically protected. The typical justification is that most attackers are off path and can´t intercept traffic; hence, intuitively, challenge-response defenses should suffice to ensure authenticity. Often, the challenges reuse existing header fields to protect widely deployed protocols such as TCP and DNS. This practice might give an illusion of security. Recent off-path TCP injection and DNS poisoning attacks enable attackers to circumvent existing challenge-response defenses. Both TCP and DNS attacks are nontrivial, yet practical. The attacks foil widely deployed security mechanisms and allow a wide range of exploits, such as long-term caching of malicious objects and scripts.

Keywords

Internet; computer network security; telecommunication traffic; transport protocols; DNS poisoning attacks; Internet security; challenge-response authentication illusion; challenge-response defenses; cryptography protection; off-path TCP injection; off-path domain name system; off-path hacking; protocols; security mechanisms; transmission control protocol; Computer crime; Computer security; Cryptography; IP networks; Internet; Ports (Computers); Protocols; DNS cache poisoning; TCP injections; challenge-response defenses; off-path attacks; security;

fLanguage

English

Journal_Title

Security & Privacy, IEEE

Publisher

ieee

ISSN

1540-7993

Type

jour

DOI

10.1109/MSP.2013.130

Filename

6627890