IETF Logo Mail Archive

Re: [TLS] [Technical Errata Reported] RFC5288 (4694)

Aaron Zauner <azet@azet.org> Thu, 19 May 2016 17:11 UTC

Return-Path: <azet@azet.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF69C12D5C0 for <tls@ietfa.amsl.com>; Thu, 19 May 2016 10:11:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=azet.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o_q6epFk0GNG for <tls@ietfa.amsl.com>; Thu, 19 May 2016 10:11:32 -0700 (PDT)
Received: from mail-pf0-x234.google.com (mail-pf0-x234.google.com [IPv6:2607:f8b0:400e:c00::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0C3D512D5C1 for <tls@ietf.org>; Thu, 19 May 2016 10:11:31 -0700 (PDT)
Received: by mail-pf0-x234.google.com with SMTP id 206so32295477pfu.0 for <tls@ietf.org>; Thu, 19 May 2016 10:11:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=azet.org; s=gmail; h=subject:mime-version:from:in-reply-to:date:cc:message-id:references :to; bh=zDRUn57igitgGyjc7Npt/Hw0+BGSA45WK+2zJz6WXj8=; b=Iwd1HoQ/+IayEVDzjVVINb026bKNawxZhxh/hoOV98xraCxpmet4ftaHZTsvRjrT/K EFIl3hJWGva4V5zUzS4Nhe3Or8GV0J3e6IzhEMirC/N29oPoEXwtl3VQ+HDxsSdfU/RR n/stnNa8NELssxTqgyGWWxRUXeJHM4UN9XuMQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:mime-version:from:in-reply-to:date:cc :message-id:references:to; bh=zDRUn57igitgGyjc7Npt/Hw0+BGSA45WK+2zJz6WXj8=; b=fEpkc0SJk1MPV8KhMlPe19hQHKwZoDKIGE5LvoXAMTE1vkjGWSCCsQKXdeDW6Oc1U2 RFmaTvdUZk6fejhZj89bUkeDtX9vDipogqB0D2olTlNW4+hXBFzzs2kn8tYWMxCTdG/T Q1r3+ouTL/0xWUIGi60Tt3i5wvQHwtAKgny7q2GwgFO1udpTre62/Sqm4gRgxQc0a7G0 cScSCxrGRK9u8/2XFz7YJm1zJGolA/dBq13EW+W55NW3i+QIRjMk3p2CZLt0uaqfG2qO WcXIYfQsiw+mPOho0IlE8Qfq40dxW8UPF8O7aab3oqNK0wcTRay/rjZBM81knS5kn61/ sr9Q==
X-Gm-Message-State: AOPr4FUHrCsUzFPjbmg/kwxsqq8ECrXCb9ypBpQB2XDYjJ05U8+ez22KwpKpVNlxbxv0nw==
X-Received: by 10.98.23.211 with SMTP id 202mr21463678pfx.122.1463677876607; Thu, 19 May 2016 10:11:16 -0700 (PDT)
Received: from [192.168.1.156] ([183.88.180.192]) by smtp.gmail.com with ESMTPSA id s14sm19965375pag.7.2016.05.19.10.11.14 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 19 May 2016 10:11:15 -0700 (PDT)
Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\))
Content-Type: multipart/signed; boundary="Apple-Mail=_3D0E040A-B7FE-40C1-98F3-EDF5E5F9E5B3"; protocol="application/pgp-signature"; micalg="pgp-sha512"
X-Pgp-Agent: GPGMail 2.6b2
From: Aaron Zauner <azet@azet.org>
In-Reply-To: <3B2C6D5A-939E-4539-B902-D4502EB9739C@azet.org>
Date: Fri, 20 May 2016 00:11:12 +0700
Message-Id: <96CBAD0F-0F0A-4095-81FD-09EE804EB7F6@azet.org>
References: <20160514082717.7997D180004@rfc-editor.org> <9A043F3CF02CD34C8E74AC1594475C73F4C80CD0@uxcn10-5.UoA.auckland.ac.nz> <CAN8NK9EaDQ-Pugi2j=3KcXrn5G-8mcXVs4O2HGCkH7h7GSKbbA@mail.gmail.com> <9A043F3CF02CD34C8E74AC1594475C73F4C80F76@uxcn10-5.UoA.auckland.ac.nz> <CAN8NK9Gn9iK72dBq3opQ2E_HEZyVB+ysCqo5JxMH8vHhy4gEEg@mail.gmail.com> <9A043F3CF02CD34C8E74AC1594475C73F4C817BE@uxcn10-5.UoA.auckland.ac.nz> <a05f1e9d02a96721479a0de75e335cc4@esat.kuleuven.be> <A1FEF4A5-AC64-4832-904A-47768E5D5AF9@gmail.com> <54302B87-4730-4B8E-9F55-B33B89425A51@azet.org> <D35F4D97.6C5B2%kenny.paterson@rhul.ac.uk> <53384A13-5F80-4CF0-BD8F-F68E304ADF15@azet.org> <D35F5460.6C5D0%kenny.paterson@rhul.ac.uk> <3B2C6D5A-939E-4539-B902-D4502EB9739C@azet.org>
To: "tls@ietf.org" <tls@ietf.org>
X-Mailer: Apple Mail (2.3112)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/Tv6uRo6LRQFVkLmU25hlFjb29rY>
Cc: RFC Errata System <rfc-editor@rfc-editor.org>
Subject: Re: [TLS] [Technical Errata Reported] RFC5288 (4694)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 May 2016 17:11:34 -0000

Hi,

> The first step of our attack involves attacker controlled content. So yes (phishing, unauthenticated HTTP, selective company DPI etc.). In our example we use a local proxy to carry out the attack. I hope I can post a full version of the actual paper and PoC to this thread soon.

https://eprint.iacr.org/2016/475
https://github.com/nonce-disrespect/nonce-disrespect

(data-sets should be indexed by scans.io in a bit)

Aaron

v2.23.0 | Report a Bug | By Email