Re: [hybi] More on Payload Masking

Zhong Yu <zhong.j.yu@gmail.com> Thu, 11 November 2010 20:16 UTC

From: Zhong Yu <zhong.j.yu@gmail.com>
To: John Tamplin <jat@google.com>
Cc: Hybi <hybi@ietf.org>, Bjoern Hoehrmann <derhoermi@gmx.net>
Subject: Re: [hybi] More on Payload Masking

On Thu, Nov 11, 2010 at 1:30 PM, John Tamplin <jat@google.com> wrote:
> On Thu, Nov 11, 2010 at 2:15 PM, Zhong Yu <zhong.j.yu@gmail.com> wrote:
>>> Unless you can produce a particular encrypted counter value, the
>>> presence of XOR doesn't change the unforgeability.
>>
>> I assume we need a new counter for each WS frame?
>
> No, as the encrypted counter is not predictable.

I don't understand. In the attack scenario I described (now considered
less plausible), the attacker has full knowledge of the handshake and
some beginning WS frames. If the counter sequence used for these
beginning WS frames will continue to be used for some following WS
frames, the attacker can craft some ciphertext in the following bytes.

- Zhong Yu
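
The two readings in this exchange, as an added example that is not part of the original message or of any hybi draft: a masking keystream whose counter restarts for every frame versus one whose counter keeps advancing across frames. HMAC-SHA256 stands in for the "encrypted counter" (an assumption, the thread does not name a cipher here), and `keystream`, `Masker` and `later_frame_predictable` are hypothetical names.

```python
import hashlib
import hmac

KEY = bytes(range(32))  # constructed sample key, for illustration only


def keystream(key, start, n):
    """Return n keystream bytes beginning at byte offset `start`.
    Each 32-byte block is PRF(key, block_index); HMAC-SHA256 is a
    stand-in for encrypting a counter with a block cipher."""
    out = bytearray()
    block, off = divmod(start, 32)
    while len(out) < off + n:
        out += hmac.new(key, block.to_bytes(8, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(out[off:off + n])


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class Masker:
    """XOR-masks payloads; the counter either restarts at 0 for every
    frame or continues from where the previous frame stopped."""

    def __init__(self, key, restart_per_frame):
        self.key, self.restart, self.pos = key, restart_per_frame, 0

    def mask(self, payload):
        start = 0 if self.restart else self.pos
        self.pos += len(payload)
        return xor(payload, keystream(self.key, start, len(payload)))


def later_frame_predictable(restart_per_frame):
    """Someone who knows frame 1's payload and its wire bytes can
    recover the keystream used for frame 1. Return True if that
    recovered keystream also predicts the wire bytes of frame 2."""
    m = Masker(KEY, restart_per_frame)
    frame1 = b"known first frame payload"   # constructed sample payloads
    frame2 = b"later frame payload, same"   # same length as frame1
    wire1, wire2 = m.mask(frame1), m.mask(frame2)
    recovered = xor(frame1, wire1)          # keystream bytes seen so far
    return xor(frame2, recovered) == wire2


if __name__ == "__main__":
    print("counter restarts per frame :", later_frame_predictable(True))
    print("counter continues          :", later_frame_predictable(False))
```

With a restarting counter the keystream repeats, so bytes observed on early frames determine the wire bytes of later ones; with a counter that only advances, the later keystream positions have never been seen.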