[TLS] DTLS implementation attack?

Marsh Ray <marsh@extendedsubset.com> Tue, 06 December 2011 16:56 UTC

Return-Path: <marsh@extendedsubset.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 16A9721F8BFE for <tls@ietfa.amsl.com>; Tue, 6 Dec 2011 08:56:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 4otR2IspYuT8 for <tls@ietfa.amsl.com>; Tue, 6 Dec 2011 08:56:53 -0800 (PST)
Received: from mho-01-ewr.mailhop.org (mho-03-ewr.mailhop.org []) by ietfa.amsl.com (Postfix) with ESMTP id 4F0C421F8BF6 for <tls@ietf.org>; Tue, 6 Dec 2011 08:56:53 -0800 (PST)
Received: from xs01.extendedsubset.com ([]) by mho-01-ewr.mailhop.org with esmtpa (Exim 4.72) (envelope-from <marsh@extendedsubset.com>) id 1RXyK4-000M9u-R6 for tls@ietf.org; Tue, 06 Dec 2011 16:56:52 +0000
Received: from [] (localhost []) by xs01.extendedsubset.com (Postfix) with ESMTP id 8617363C3 for <tls@ietf.org>; Tue, 6 Dec 2011 16:56:51 +0000 (UTC)
X-Mail-Handler: MailHop Outbound by DynDNS
X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/mailhop/outbound_abuse.html for abuse reporting information)
X-MHO-User: U2FsdGVkX18o5eExGweV6pV/exRkqlXsoy5tfecZYJ4=
Message-ID: <4EDE4953.6040709@extendedsubset.com>
Date: Tue, 06 Dec 2011 10:56:51 -0600
From: Marsh Ray <marsh@extendedsubset.com>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20110921 Thunderbird/3.1.15
MIME-Version: 1.0
To: "tls@ietf.org" <tls@ietf.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [TLS] DTLS implementation attack?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Dec 2011 16:56:54 -0000

Anyone have more info on this?

Even just a CVE or 'fixed in' version would be helpful.

> Plaintext-Recovery Attacks Against Datagram TLS
> Kenneth Paterson and Nadhem Alfardan We describe an efficient and
> full plaintext recovery attack against the OpenSSL implementation of
> DTLS, and an efficient, partial plaintext recovery attack against the
> GnuTLS implementation of DTLS. We discuss the reasons why these
> implementations are insecure, drawing lessons for secure protocol
> design and implementation in general.


- Marsh