Subject: RE: [kmip] Locate by Value proposal
Hi Anthony

An interesting idea, but I wonder if that capability would be more useful to a hacker than to a legitimate customer. The risks seem to outweigh the benefits.

As a contrived example, suppose you’re at a 5000-room resort hotel and you drop your room key in the lobby. Moments later, a thief finds your lost key, but doesn’t know which room it will open. No problem, because the hotel has a database of its room keys and a corresponding image of every key. The thief takes a photo of the key and pays $20 to his insider friend to run a search on the image. Voila, the thief learns that the key will open Room 3724.

Don’t analyze the example too intensely, because I’m sure there are a number of holes, but I think the general concern is valid. If instead of a lost physical key we substitute a lost or stolen password, I think you can imagine how the search capability could be exploited to a hacker’s advantage. You could argue that if the hacker is able to perform the search, then the hacker already has access to the keys, but the critical detail is that the hacker is already in possession of a piece of information but doesn’t know how to use it. The search result tells him.

Perhaps this risk could be mitigated by a server policy requiring that Key Blocks be searchable only by clients that are also permitted to Get [i.e. export] the corresponding keys.

In one of your examples [4th slide], you propose that this capability could find a Group Member attribute in the Key Block. Could you clarify why you would search for this attribute in the Key Block? i.e. I understand that the attribute can be packaged within the Key Block – e.g. at time of Register – but why would the server leave this attribute in the Key Block? It must anyway be made accessible by Locate (and Get Attributes, and Get Attribute List) – even now, without the proposed extension.
Finally, also on the 4th slide, could you clarify how this capability would match data within a wrapped Key Value [within a Key Block]? If the Key Value is wrapped, would a search not require that the Key Value be unwrapped? And if the wrapped Key Value can be unwrapped, would not the unwrap have occurred once (and only once) when the client first Register’d the key?

Cheers,
… Dave

From: kmip@lists.oasis-open.org [mailto:kmip@lists.oasis-open.org] On Behalf Of Anthony Berglas

Hello All,

Attached is the proposal for being able to Locate objects by their values in an analogous way that we can locate by attribute.

Regards,
Anthony
Anthony Berglas Ph.D.
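The concern raised in the thread (a client that holds key bytes but no rights to the key could use a value search as an oracle for the object's identifier), the suggested mitigation (value search answered only for clients already permitted to Get the key) and the wrapped Key Value question, as an added toy illustration that is not part of this thread, the proposal or any KMIP implementation; the `KeyServer` class, the object layout, the permission table and the sample key bytes are all assumptions constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass
class ManagedObject:
    uid: str
    key_value: bytes          # plaintext key bytes, or the opaque blob when wrapped=True
    wrapped: bool = False     # a wrapped Key Value cannot be compared without unwrapping it
    attributes: dict = field(default_factory=dict)

class KeyServer:
    """Toy server (assumption): Locate by attribute as today, plus the proposed Locate by value."""
    def __init__(self, objects, get_permissions, gate_value_search=True):
        self.objects = {o.uid: o for o in objects}
        self.get_permissions = get_permissions        # client -> set of uids it may Get
        self.gate_value_search = gate_value_search    # the mitigation suggested in the thread

    def locate_by_attribute(self, name, value):
        # Attributes such as Group Member are already reachable this way, without a value search.
        return sorted(u for u, o in self.objects.items() if o.attributes.get(name) == value)

    def locate_by_value(self, client, needle):
        allowed = self.get_permissions.get(client, set())
        hits = []
        for uid, o in self.objects.items():
            if o.wrapped:
                continue                  # no plaintext to compare against; never matches
            if o.key_value != needle:
                continue
            if self.gate_value_search and uid not in allowed:
                continue                  # holder of the bytes with no Get right learns nothing
            hits.append(uid)
        return sorted(hits)

# Constructed sample data (not real keys).
KEY_A = bytes.fromhex("00112233445566778899aabbccddeeff")
KEY_B = bytes.fromhex("ffeeddccbbaa99887766554433221100")
OBJECTS = [
    ManagedObject("uid-1", KEY_A, attributes={"Group Member": "group-A"}),
    ManagedObject("uid-2", KEY_B, attributes={"Group Member": "group-A"}),
    ManagedObject("uid-3", b"<wrapped blob>", wrapped=True, attributes={"Group Member": "group-B"}),
]
PERMS = {"owner": {"uid-1", "uid-2"}}     # "finder" holds KEY_A's bytes but has no Get rights

def demo(gate):
    """Run the same queries with the policy gate on or off and return the results."""
    srv = KeyServer(OBJECTS, PERMS, gate_value_search=gate)
    return {"finder": srv.locate_by_value("finder", KEY_A),
            "owner": srv.locate_by_value("owner", KEY_A),
            "wrapped": srv.locate_by_value("owner", b"<wrapped blob>"),
            "by_attr": srv.locate_by_attribute("Group Member", "group-A")}
```

With the gate off, `demo(False)["finder"]` identifies `uid-1` from the bytes alone; with the gate on, only the client that could already Get the key receives a hit, and the wrapped object is never matched.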