undefined | Better HN

0 pointsteraflop11y ago0 comments

But the protocol doesn't do mutual authentication, so without using HTTPS, you have no way of ensuring that you're contacting the correct server. So during the authentication process, the attacker can control your view of the site and get you to sign whatever login requests they want.

0 comments

Buge11y ago

Yeah I think you're right.

And if all authentication is done client-side with javascript, the attacker could steal your private key and use it to attack other sites.

alexro11y ago

You can still use SSL, why that argument? BitAuth makes you sign-up and log-in with a public key, SSL plays along to verify the server. Win-win?

teraflopOP11y ago

Sure, and any sane implementation of BitAuth should use SSL.

The point I'm trying to make is that if you can trust SSL to protect a BitAuth signature, you can also trust it to protect a password. So claiming "passwords may travel over plaintext" as a relative advantage of this scheme is disingenuous; in both cases, you need to provide that protection at a lower protocol level.

j / k navigate · click thread line to collapse