Re: [TLS] Comments/Questions on draft-gutmann-tls-encrypt-then-mac-00.txt
Peter Gutmann <pgut001@cs.auckland.ac.nz> Wed, 25 September 2013 10:30 UTC

Eric Rescorla <ekr@rtfm.com> writes:

>Do you think you could address the questions I asked below?

Sorry, given the email avalanche recently and the fact that I wasn't sure what the questions were getting at, I'd put them in the TODO list.

> - Because this draft relies on extensions, it seems not to resist
>   active attack when clients do insecure version fallback
>   (see for instance:
>   http://www.ietf.org/mail-archive/web/tls/current/msg09468.html)

Right, but given that the problem is broken clients I'm not sure what the issue is. Anything that falls back to older, less secure versions of protocols is going to be vulnerable to things that the newer protocols fix.

> - Maybe I am misreading the draft, but I'm unclear on how you get
>   the TLSCompressed.length for the MAC computation in Section 3.
>   Does this have the same issue as was raised for McGrew's CBC AEAD
>   draft?

What was the issue raised for the AEAD draft? Since I'm not sure what the question is asking, the only real response I can give is that there's a number of implementations out there that interoperated without problems, so whatever the perceived problem is, it doesn't seem to be much of an issue.

Peter.