Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

After fielding a custom-cryptography single signon system for your Ruby applications, you think your biggest concern is "how well will the system survive the loss of one of my app servers to an attacker"? Let me help you out with that: you won't survive the loss of one of your app servers. You're going to have to rebuild and rekey everything.

No, the biggest concern you have doing custom-cryptography for your Ruby apps is that the cryptography itself is going to hand attackers control of your app servers. Which, from experience, is somewhat likely. More likely if you haplessly use RSA or DSA.



Obviously you're going to rebuild compromised servers and change all the keys... as soon as you find out you've been hacked.

What about before then? You're advocating a scheme whereby if any verifier is compromised, the attacker can forge tokens. This isn't the case with a system that uses asymmetric crypto.


You're going to have to re-key because as soon as you got hacked the security of your SSO scheme is likely nil. When you find out about has nothing to do with anything.

In any case, no part of block cipher crypto requires every pair of participants to share the same key --- even in the unlikely even that you needed all-pairs keys (virtually all SSO systems have a star topology).

The idea that a system is going to resist forgery because it uses public key cryptography would be amusing if it wasn't so common. In reality, cryptography does not work the way _Applied Cryptography_ says it does; it works more like the way _Cryptography Engineering_ says it does. In other words: it conspires at all points and at all times to fuck you.


I'm seeing a lot of polemic and handwaving but missing substance, sorry.

What is the actual problem with RSA in this context, assuming OpenSSL is used correctly? What are the common pitfalls?


I'm definitely not providing all the substance, you're right.


I take it you're being sarcastic, but the negative comments you're receiving are I think because you departed from giving advice on implementation and strategy, and attempted to give a piece of cryptographic advice.

The only way anyone gets to imply that public key crypto is less secure, or more dangerous, without being challenged, is if a new attack is presented. Otherwise it's all innuendo and handwaving.

Most apps and sites may not derive any advantage from public key crypto, but you can't say that for sure until you see a site (or SSO multi-site) design.


I'm not being sarcastic. I'm simply not interested in going into more detail on this topic.

I don't think anyone who's opinion I care about on HN thinks I'm dealing in innuendo on crypto topics.


That didn't really answer my question, and you're changing the argument. You said, paraphrasing, "public key is less secure than shared key", which doesn't really make sense, for the reasons I already mentioned. Saying its all irrelevant because my app is already insecure is totally orthogonal to this sub-thread.


No, that's not all I said.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: