Re: [hybi] A bit of pragmatism

Bruce Atherton <bruce@callenish.com> Sun, 09 January 2011 23:43 UTC

I apologize if I am being thick, but I still don't understand.

It is my understanding that the masking algorithms which have been 
previously suggested prevent the attacker from controlling the payload 
bits on the wire from within a browser using Websockets without the 
added burden of being cryptographically secure. I had thought that you 
were arguing that the attacker could still control patterns in the bits, 
but not the bits themselves. That seemed like a reasonable thing for the 
ws: scheme to allow, to me, since by design it is a lighter weight, less 
secure form of Websockets and there have never been any exploits that 
relied on that characteristic that anyone has mentioned so far. Now it 
sounds like you are arguing that an attacker can completely control the 
bits no matter what unless it is cryptographically secure.

I'm sure I'm missing something, but I haven't a clue what it is.

On 09/01/2011 2:16 PM, Eric Rescorla wrote:
> It's not a matter of random versus non-random. RC4 and AES-CTR without random IV
> (which is not a requirement of the standard) provide the attacker with
> complete control over the payload bits on the wire, because he can predict
> the keystream.
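
An added illustration of the property described in the quoted reply (not part of either message, and not code from the hybi drafts): with a predictable keystream, a script can choose a payload whose masked form is any byte string it wants, while a key it cannot predict breaks that. RC4 is implemented inline because it is one of the ciphers named; the keys, `WANTED`, and all function names are constructed for this example, and the fresh-key case is an assumption about what "unpredictable" would look like.

```python
import os

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key scheduling, then n bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def mask_frame(key: bytes, payload: bytes) -> bytes:
    """Sender side: what goes on the wire is payload XOR keystream."""
    return xor(payload, rc4_keystream(key, len(payload)))

def craft_payload(guessed_key: bytes, wanted_wire: bytes) -> bytes:
    """Script side: solve for the payload that masks to wanted_wire."""
    return xor(wanted_wire, rc4_keystream(guessed_key, len(wanted_wire)))

# Constructed sample values, not taken from the thread.
WANTED = b"wire bytes chosen by the script"
PREDICTABLE_KEY = b"constructed-fixed-key"

def wire_with_predictable_key() -> bytes:
    # The script knows the key, so it knows the keystream in advance.
    payload = craft_payload(PREDICTABLE_KEY, WANTED)
    return mask_frame(PREDICTABLE_KEY, payload)

def wire_with_fresh_key() -> bytes:
    # Assumption: the key is drawn after the payload is fixed and is
    # unknown to the script, so its keystream guess is wrong.
    payload = craft_payload(PREDICTABLE_KEY, WANTED)
    return mask_frame(os.urandom(16), payload)

if __name__ == "__main__":
    print("predictable key:", wire_with_predictable_key())
    print("fresh key      :", wire_with_fresh_key().hex())
```

In the first case the wire carries `WANTED` byte for byte even though the data was "encrypted"; the strength of the cipher is irrelevant once the keystream is known to whoever picks the payload.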