Re: [TLS] padding bug
"Lewis, Nick" <nick.lewis@usa.g4s.com> Wed, 25 September 2013 08:33 UTC
Return-Path: <nick.lewis@usa.g4s.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4FE321F9F34 for <tls@ietfa.amsl.com>; Wed, 25 Sep 2013 01:33:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.997
X-Spam-Level:
X-Spam-Status: No, score=-0.997 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rXVUdDcWgohC for <tls@ietfa.amsl.com>; Wed, 25 Sep 2013 01:33:07 -0700 (PDT)
Received: from mail1.bemta3.messagelabs.com (mail1.bemta3.messagelabs.com [195.245.230.166]) by ietfa.amsl.com (Postfix) with ESMTP id E9A9E21F9FAE for <tls@ietf.org>; Wed, 25 Sep 2013 01:33:01 -0700 (PDT)
Received: from [85.158.137.3:43828] by server-6.bemta-3.messagelabs.com id 4B/B5-04812-BBF92425; Wed, 25 Sep 2013 08:32:59 +0000
X-Env-Sender: nick.lewis@usa.g4s.com
X-Msg-Ref: server-5.tower-38.messagelabs.com!1380097978!14566862!1
X-Originating-IP: [89.206.228.155]
X-StarScan-Received:
X-StarScan-Version: 6.9.12; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 29244 invoked from network); 25 Sep 2013 08:32:58 -0000
Received: from unallocated.star.net.uk (HELO gbtwk10s037.Technology.local) (89.206.228.155) by server-5.tower-38.messagelabs.com with RC4-SHA encrypted SMTP; 25 Sep 2013 08:32:58 -0000
Received: from GBTWK10E001.Technology.local ([10.234.1.29]) by gbtwk10s037.Technology.local ([10.234.1.39]) with mapi; Wed, 25 Sep 2013 09:32:57 +0100
From: "Lewis, Nick" <nick.lewis@usa.g4s.com>
To: "'tls@ietf.org'" <tls@ietf.org>
Date: Wed, 25 Sep 2013 09:32:57 +0100
Thread-Topic: Re: padding bug
Thread-Index: Ac65ydZhkjFJWjbPSvuJeogMKfJ34Q==
Message-ID: <AAE0766F5AF36B46BAB7E0EFB927320630E4A54283@GBTWK10E001.Technology.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_AAE0766F5AF36B46BAB7E0EFB927320630E4A54283GBTWK10E001Te_"
MIME-Version: 1.0
Subject: Re: [TLS] padding bug
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Sep 2013 08:33:12 -0000
Martin Rex wrote: > Where I agree is that it would be preferable to limit any fix to the exact > problem that has been identified (already by Vaudenay), which is in how > SSLv3&TLS use a Blockcipher in CBC mode with "authenticate-pad-encrypt" > rather than "pad-authenticate-encrypt". I agree that the fix should be limited to the exact problem. The fix could be a change from AtPtE to PtAtE using a greatly simplified version of http://tools.ietf.org/html/draft-pironti-tls-length-hiding-00 without the length hiding features -- ________________________________ The details of this company are as follows: G4S Technology Limited, Registered Office: Challenge House, International Drive, Tewkesbury, Gloucestershire GL20 8UQ, Registered in England No. 2382338. This communication may contain information which is confidential, personal and/or privileged. It is for the exclusive use of the intended recipient(s). If you are not the intended recipient(s), please note that any distribution, forwarding, copying or use of this communication or the information in it is strictly prohibited. Any personal views expressed in this e-mail are those of the individual sender and the company does not endorse or accept responsibility for them. Prior to taking any action based upon this e-mail message, you should seek appropriate confirmation of its authenticity. This e-mail has been scanned for all viruses by MessageLabs.
- Re: [TLS] padding bug Peter Gutmann
- Re: [TLS] padding bug Nikos Mavrogiannopoulos
- Re: [TLS] padding bug Blumenthal, Uri - 0558 - MITLL
- Re: [TLS] padding bug Peter Gutmann
- Re: [TLS] padding bug Blumenthal, Uri - 0558 - MITLL
- Re: [TLS] padding bug Peter Gutmann
- Re: [TLS] padding bug Eric Rescorla
- Re: [TLS] padding bug Eric Rescorla
- Re: [TLS] padding bug Peter Gutmann
- Re: [TLS] padding bug Adam Langley
- Re: [TLS] padding bug Hugo Krawczyk
- Re: [TLS] padding bug Peter Gutmann
- Re: [TLS] padding bug Peter Gutmann
- Re: [TLS] padding bug Nikos Mavrogiannopoulos
- Re: [TLS] padding bug Ben Laurie
- Re: [TLS] padding bug Nikos Mavrogiannopoulos
- Re: [TLS] padding bug Ben Laurie
- Re: [TLS] padding bug Nikos Mavrogiannopoulos
- Re: [TLS] padding bug Peter Gutmann
- Re: [TLS] padding bug Blumenthal, Uri - 0558 - MITLL
- Re: [TLS] padding bug Paterson, Kenny
- Re: [TLS] padding bug Bodo Moeller
- Re: [TLS] padding bug Michael D'Errico
- Re: [TLS] padding bug Ben Laurie
- Re: [TLS] padding bug Christian Kahlo
- Re: [TLS] padding bug Hovav Shacham
- Re: [TLS] padding bug Blumenthal, Uri - 0558 - MITLL
- Re: [TLS] padding bug Martin Rex
- Re: [TLS] padding bug Andrei Popov
- Re: [TLS] padding bug Ben Laurie
- Re: [TLS] padding bug Kelly John Rose
- Re: [TLS] padding bug Lewis, Nick
- Re: [TLS] padding bug Alfredo Pironti
- Re: [TLS] padding bug Peter Gutmann
- Re: [TLS] padding bug Peter Gutmann