Re: [TLS] Another IRINA bug in TLS

Santiago Zanella-Beguelin <santiago@microsoft.com> Thu, 21 May 2015 09:59 UTC

From: Santiago Zanella-Beguelin <santiago@microsoft.com>
To: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Thu, 21 May 2015 09:59:33 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/Hpbv7ZoHHPMS_u5qH_xbWZJcNoo>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Another IRINA bug in TLS

> Are you sure you refer to TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA in that paper for the attack?

That was just an example, and you're right that's an uncommon ciphersuite. 
We did find many HTTPS servers supporting TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA.

Cheers,
--Santiago

________________________________________
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Sent: Thursday, May 21, 2015 8:29 AM
To: Santiago Zanella-Beguelin
Cc: tls@ietf.org
Subject: Re: [TLS] Another IRINA bug in TLS

On Wed, 2015-05-20 at 16:58 +0000, Santiago Zanella-Beguelin wrote:
> Indeed, we are lazy and didn't want to write things like TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA in full.

Are you sure you refer to TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA in that
paper for the attack? I doubt this ciphersuite is supported by any
browser at all, and for sure this ciphersuite is not supported by any
web site (it requires an export DSA certificate, and there are none on
the internet).

regards,
Nikos