Re: [TLS] SSL Renegotiation DOS
Peter Gutmann <pgut001@cs.auckland.ac.nz> Wed, 16 March 2011 14:46 UTC
Return-Path: <pgut001@login01.cs.auckland.ac.nz>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1860F3A6920 for <tls@core3.amsl.com>; Wed, 16 Mar 2011 07:46:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.558
X-Spam-Level:
X-Spam-Status: No, score=-103.558 tagged_above=-999 required=5 tests=[AWL=0.041, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wdN7fYc97EuF for <tls@core3.amsl.com>; Wed, 16 Mar 2011 07:46:26 -0700 (PDT)
Received: from mx2-int.auckland.ac.nz (mx2-int.auckland.ac.nz [130.216.12.41]) by core3.amsl.com (Postfix) with ESMTP id B88923A6911 for <tls@ietf.org>; Wed, 16 Mar 2011 07:46:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=pgut001@cs.auckland.ac.nz; q=dns/txt; s=uoa; t=1300286873; x=1331822873; h=from:to:subject:cc:in-reply-to:message-id:date; z=From:=20Peter=20Gutmann=20<pgut001@cs.auckland.ac.nz> |To:=20mrex@sap.com|Subject:=20Re:=20[TLS]=20SSL=20Renego tiation=20DOS|Cc:=20tls@ietf.org|In-Reply-To:=20<20110316 1402.p2GE2oFm023860@fs4113.wdf.sap.corp>|Message-Id:=20<E 1Pzs0s-000105-0f@login01.fos.auckland.ac.nz>|Date:=20Thu, =2017=20Mar=202011=2003:47:50=20+1300; bh=uY6Ks8kmmv2g1M6D/pugBlpjjfVEYeQHWJ5M3dVNMZU=; b=DxcMNJB+qsLEcQM62o+kpAhMW/kAnpUby+zMG3mUEyLDbgkuOzI4Qf9q dymRtfqF1U83wo/X+EXIAo8GrIl1PRepJ4YvUj1pcO0SuPH8xrZWwZmSm uOwFHBRX8BGOuoi8Uj+GNMuN59A6/hFY3E74x6fXncGlp9t5i6OjE/4z6 g=;
X-IronPort-AV: E=Sophos;i="4.63,194,1299409200"; d="scan'208";a="51484601"
X-Ironport-HAT: APP-SERVERS - $RELAYED
X-Ironport-Source: 130.216.33.150 - Outgoing - Outgoing
Received: from mf1.fos.auckland.ac.nz ([130.216.33.150]) by mx2-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 17 Mar 2011 03:47:50 +1300
Received: from login01.fos.auckland.ac.nz ([130.216.34.40]) by mf1.fos.auckland.ac.nz with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.69) (envelope-from <pgut001@login01.cs.auckland.ac.nz>) id 1Pzs0s-0006Dh-GK; Thu, 17 Mar 2011 03:47:50 +1300
Received: from pgut001 by login01.fos.auckland.ac.nz with local (Exim 4.69) (envelope-from <pgut001@login01.cs.auckland.ac.nz>) id 1Pzs0s-000105-0f; Thu, 17 Mar 2011 03:47:50 +1300
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: mrex@sap.com
In-Reply-To: <201103161402.p2GE2oFm023860@fs4113.wdf.sap.corp>
Message-Id: <E1Pzs0s-000105-0f@login01.fos.auckland.ac.nz>
Date: Thu, 17 Mar 2011 03:47:50 +1300
Cc: tls@ietf.org
Subject: Re: [TLS] SSL Renegotiation DOS
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Mar 2011 14:46:27 -0000
Martin Rex <mrex@sap.com> writes: >If a hostile client is targetting specific servers, it could create a valid >PKCS#1 encrypted premaster secret once and then reuse it in all further >handshakes -- saving the client the asymmetric crypto work on all additional >connections, while still allowing the client to complete the TLS handshake >successfully. If you're just interested in a DoS then you don't even need to do that, just shovel in 128 bytes of random noise and wait for the server's crypto engine to collapse under the load. You can't complete the handshake in this case, but that's not the bit that you're targetting. Peter.
- Re: [TLS] SSL Renegotiation DOS Jorge A. Orchilles
- [TLS] SSL Renegotiation DOS Jorge A. Orchilles
- Re: [TLS] SSL Renegotiation DOS Nikos Mavrogiannopoulos
- Re: [TLS] SSL Renegotiation DOS Steve Dispensa
- Re: [TLS] SSL Renegotiation DOS Joe Orton
- Re: [TLS] SSL Renegotiation DOS Dr Stephen Henson
- Re: [TLS] SSL Renegotiation DOS Steve Dispensa
- Re: [TLS] SSL Renegotiation DOS Martin Rex
- Re: [TLS] SSL Renegotiation DOS Eric Rescorla
- Re: [TLS] SSL Renegotiation DOS Marsh Ray
- Re: [TLS] SSL Renegotiation DOS Martin Rex
- Re: [TLS] SSL Renegotiation DOS Steve Dispensa
- Re: [TLS] SSL Renegotiation DOS Peter Gutmann
- Re: [TLS] SSL Renegotiation DOS Martin Rex
- Re: [TLS] SSL Renegotiation DOS Peter Gutmann
- Re: [TLS] SSL Renegotiation DOS Jorge A. Orchilles
- Re: [TLS] SSL Renegotiation DOS Jorge A. Orchilles
- Re: [TLS] SSL Renegotiation DOS Jorge A. Orchilles
- Re: [TLS] SSL Renegotiation DOS Jorge A. Orchilles
- Re: [TLS] SSL Renegotiation DOS Jorge A. Orchilles