Re: [TLS] RC4 Considered Harmful (Was: RC4 deprecation path)
"Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk> Wed, 23 April 2014 17:48 UTC
Return-Path: <Kenny.Paterson@rhul.ac.uk>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB6D41A0439 for <tls@ietfa.amsl.com>; Wed, 23 Apr 2014 10:48:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dOAPEv4xnDga for <tls@ietfa.amsl.com>; Wed, 23 Apr 2014 10:48:52 -0700 (PDT)
Received: from va3outboundpool.messaging.microsoft.com (va3ehsobe001.messaging.microsoft.com [216.32.180.11]) by ietfa.amsl.com (Postfix) with ESMTP id A264C1A0435 for <tls@ietf.org>; Wed, 23 Apr 2014 10:48:52 -0700 (PDT)
Received: from mail52-va3-R.bigfish.com (10.7.14.249) by VA3EHSOBE007.bigfish.com (10.7.40.11) with Microsoft SMTP Server id 14.1.225.22; Wed, 23 Apr 2014 17:47:44 +0000
Received: from mail52-va3 (localhost [127.0.0.1]) by mail52-va3-R.bigfish.com (Postfix) with ESMTP id 9033C401D1; Wed, 23 Apr 2014 17:47:44 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:157.56.248.5; KIP:(null); UIP:(null); IPV:NLI; H:AMSPRD0310HT005.eurprd03.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -5
X-BigFish: PS-5(zzbb2dI98dIzz1f42h1ee6h1de0h1d18h1fdah2073h2146h1202h1e76h2189h1d1ah1d2ah21bch1fc6h208chzz1de098h17326ah8275bh1de097h186068h5eeeKz2fh109h2a8h839h944he5bhf0ah1220h1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah224fh1d0ch1d2eh1d3fh1dfeh1dffh1fe8h1ff5h209eh2216h22d0h2336h2438h2461h2487h24d7h2516h2545h255eh25cch25f6h2605h262fh268bh26d3h1155h)
Received-SPF: pass (mail52-va3: domain of rhul.ac.uk designates 157.56.248.5 as permitted sender) client-ip=157.56.248.5; envelope-from=Kenny.Paterson@rhul.ac.uk; helo=AMSPRD0310HT005.eurprd03.prod.outlook.com ; .outlook.com ;
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10019001)(6009001)(428001)(189002)(199002)(479174003)(243025003)(24454002)(19580405001)(76482001)(2656002)(80976001)(77982001)(83322001)(15975445006)(46102001)(15202345003)(19580395003)(86362001)(4396001)(20776003)(83072002)(92566001)(77096999)(92726001)(74502001)(74482001)(99396002)(74662001)(31966008)(87936001)(54356999)(76176999)(85852003)(79102001)(36756003)(81342001)(81542001)(50986999)(66066001)(80022001); DIR:OUT; SFP:1102; SCL:1; SRVR:DBXPR03MB384; H:DBXPR03MB383.eurprd03.prod.outlook.com; FPR:BEE27525.3D0C0419.3FF01FC0.9EE913D9.2013F; MLV:sfv; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
Received: from mail52-va3 (localhost.localdomain [127.0.0.1]) by mail52-va3 (MessageSwitch) id 1398275262794775_9667; Wed, 23 Apr 2014 17:47:42 +0000 (UTC)
Received: from VA3EHSMHS018.bigfish.com (unknown [10.7.14.233]) by mail52-va3.bigfish.com (Postfix) with ESMTP id 51E9F1600A0; Wed, 23 Apr 2014 17:47:26 +0000 (UTC)
Received: from AMSPRD0310HT005.eurprd03.prod.outlook.com (157.56.248.5) by VA3EHSMHS018.bigfish.com (10.7.99.28) with Microsoft SMTP Server (TLS) id 14.16.227.3; Wed, 23 Apr 2014 17:47:25 +0000
Received: from DBXPR03MB384.eurprd03.prod.outlook.com (10.141.10.20) by AMSPRD0310HT005.eurprd03.prod.outlook.com (10.255.40.40) with Microsoft SMTP Server (TLS) id 14.16.435.0; Wed, 23 Apr 2014 17:48:25 +0000
Received: from DBXPR03MB383.eurprd03.prod.outlook.com (10.141.10.15) by DBXPR03MB384.eurprd03.prod.outlook.com (10.141.10.20) with Microsoft SMTP Server (TLS) id 15.0.921.12; Wed, 23 Apr 2014 17:48:25 +0000
Received: from DBXPR03MB383.eurprd03.prod.outlook.com ([10.141.10.15]) by DBXPR03MB383.eurprd03.prod.outlook.com ([10.141.10.15]) with mapi id 15.00.0921.000; Wed, 23 Apr 2014 17:48:24 +0000
From: "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
To: "mrex@sap.com" <mrex@sap.com>, Watson Ladd <watsonbladd@gmail.com>
Thread-Topic: [TLS] RC4 Considered Harmful (Was: RC4 deprecation path)
Thread-Index: AQHPXBEeN4qqsUtzzkCETpYoPXpAkJsZiM0AgATRIwCAAEGogIAAm1cAgABaFgA=
Date: Wed, 23 Apr 2014 17:48:23 +0000
Message-ID: <CF7DBAC9.1C48B%kenny.paterson@rhul.ac.uk>
References: <CACsn0c=m75TQgNYr+V9y55807MG7c50iV7y-j_wtxKeVXJLh4g@mail.gmail.com> <20140423132546.5DC4E1ACDB@ld9781.wdf.sap.corp>
In-Reply-To: <20140423132546.5DC4E1ACDB@ld9781.wdf.sap.corp>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.4.1.140326
x-originating-ip: [134.219.227.30]
x-forefront-prvs: 01901B3451
Content-Type: text/plain; charset="us-ascii"
Content-ID: <A7060C6A3DF2784890D3120889D615D1@eurprd03.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: rhul.ac.uk
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/bqANBI5jrGAtnM8_V2jT7OpHqds
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] RC4 Considered Harmful (Was: RC4 deprecation path)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Apr 2014 17:48:57 -0000
On 23/04/2014 14:25, "Martin Rex" <mrex@sap.com> wrote: >For some usage scenarios, record splitting like >1+1+1+1+1+1+1+1+1+1+1/(n-11) >might potentially help somewhat where the RC4 cipher suite can not be >avoided. No, this doesn't help, because of the double byte bias attacks. Moreover, the interesting content (from the attacker's perspective) is rarely in the first few bytes of the TLS connection. For an analysis of this and other "countermeasures" to the RC4 attacks, please read the paper at: http://www.isg.rhul.ac.uk/tls/RC4biases.pdf especially Section 7. Cheers Kenny
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Bill Frantz
- [TLS] RC4 depreciation path (Re: Deprecating more… Watson Ladd
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Kurt Roeckx
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Ilari Liusvaara
- Re: [TLS] RC4 deprecation path (Re: Deprecating m… Michael D'Errico
- Re: [TLS] RC4 deprecation path (Re: Deprecating m… Kurt Roeckx
- Re: [TLS] RC4 deprecation path (Re: Deprecating m… Yoav Nir
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Fabrice
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Yoav Nir
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Kurt Roeckx
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Watson Ladd
- [TLS] RC4 Considered Harmful (Was: RC4 deprecatio… Alyssa Rowan
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Yoav Nir
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Yoav Nir
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Watson Ladd
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Alyssa Rowan
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Jacob Appelbaum
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… David Holmes
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Martin Rex
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Watson Ladd
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Alyssa Rowan
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Martin Rex
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Martin Rex
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Watson Ladd
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Paterson, Kenny
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Paterson, Kenny
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Salz, Rich
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Paterson, Kenny
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Yoav Nir
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Geoffrey Keating
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Martin Rex
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Paterson, Kenny
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Marsh Ray
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Martin Rex
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Kurt Roeckx