Getting a grasp on Heartbleed and IDPs

Ian Young ian at iay.org.uk
Thu Apr 10 12:05:14 EDT 2014


On 10 Apr 2014, at 16:53, Wessel, Keith <kwessel at illinois.edu> wrote:

> If the IDP’s private key was exposed (through connections to Apache connections to 8443), what could a hacker do with it? Could they intercept assertions from our IDP and decrypt them?

If they can run some kind of DNS poisoning attack, then they can impersonate your IdP to an SP making an attribute query, up until the point where that key material has been removed from metadata.

They can also directly issue signed assertions to SPs using that key. Again, this will stop working once the SP sees metadata that doesn't include that key.

Assertions going from the IdP to the SP are encrypted with a transient session key which is then encrypted using the *SP*'s public key, so they can't be decrypted by any party other than the intended SP, including the IdP itself.

	-- Ian
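As an added illustration (not part of Ian's message or of Shibboleth's own code), the following Go program models the two points made above: an SP that accepts a signed assertion only while the signing key is still listed in its metadata, and assertion encryption where the session key is wrapped to the SP's public key so that the IdP's own private key cannot recover it. The key sizes, the sample assertion text and the choice of PKCS#1 v1.5, RSA-OAEP and AES-GCM are constructed stand-ins for the SAML XML Signature and XML Encryption profiles, not the actual Shibboleth configuration.

```go
package main
import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)
// newKey stands in for an IdP or SP key pair whose public half is published in metadata (constructed).
func newKey() *rsa.PrivateKey { k, _ := rsa.GenerateKey(rand.Reader, 2048); return k }
// signAssertion is what the IdP, or anyone holding a leaked copy of its key, can do.
func signAssertion(idpKey *rsa.PrivateKey, a []byte) []byte {
	d := sha256.Sum256(a)
	sig, _ := rsa.SignPKCS1v15(rand.Reader, idpKey, crypto.SHA256, d[:])
	return sig
}
// accepted: the SP trusts only the signing keys currently listed in its metadata.
func accepted(metadataKeys []*rsa.PublicKey, a, sig []byte) bool {
	d := sha256.Sum256(a)
	for _, k := range metadataKeys {
		if rsa.VerifyPKCS1v15(k, crypto.SHA256, d[:], sig) == nil {
			return true
		}
	}
	return false
}

// encryptForSP: a fresh AES-GCM session key encrypts the assertion; the key is wrapped with RSA-OAEP under the SP public key.
func encryptForSP(spPub *rsa.PublicKey, a []byte) (wrapped, nonce, ct []byte) {
	key := make([]byte, 32)
	rand.Read(key)
	blk, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(blk)
	nonce = make([]byte, gcm.NonceSize())
	rand.Read(nonce)
	wrapped, _ = rsa.EncryptOAEP(sha256.New(), rand.Reader, spPub, key, nil)
	return wrapped, nonce, gcm.Seal(nil, nonce, a, nil)
}

// decryptWith: only the SP private key unwraps the session key; the IdP key (or a stolen copy of it) fails.
func decryptWith(priv *rsa.PrivateKey, wrapped, nonce, ct []byte) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
	if err != nil {
		return nil, err
	}
	blk, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(blk)
	return gcm.Open(nil, nonce, ct, nil)
}
```

Listing both the old and the new IdP key in metadataKeys models the rollover window Ian describes; passing only the new key models the point at which the exposed key stops being accepted.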


