Re: [TLS] Duong and Rizzo, the actual attack

Florian Weimer <fweimer@bfk.de> Sat, 01 October 2011 16:19 UTC

From: Florian Weimer <fweimer@bfk.de>
To: Eric Rescorla <ekr@rtfm.com>
References: <F6D1CEF0-0859-4DD2-A22E-CF8CDDF7E629@vpnc.org> <CABcZeBOw8SveKsQzK2oCY62n75XuQC3XVr-e5WJpC4a9Pe-C7g@mail.gmail.com>
Date: Sat, 01 Oct 2011 16:22:41 +0000
In-Reply-To: <CABcZeBOw8SveKsQzK2oCY62n75XuQC3XVr-e5WJpC4a9Pe-C7g@mail.gmail.com> (Eric Rescorla's message of "Fri, 23 Sep 2011 18:00:10 -0700")
Message-ID: <82sjncsmum.fsf@mid.bfk.de>
Cc: Paul Hoffman <paul.hoffman@vpnc.org>, tls@ietf.org

* Eric Rescorla:

> I'm also not Adam Langley, but here's my writeup:
> http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html

I think a semi-passive eavesdropper (which is present under this threat
model) can bypass the same-origin protection in practically all cases.
An attacker which can route requests through the browser and can
otherwise only observe traffic, but not inject it, seems a rather
unrealistic scenario to me.  If you can observe traffic, clairvoyant DNS
spoofing should be possible, and with that, SOP falls completely.  The
Oracle browser plugin for Java some folks seem to concentrate on is
probably not that relevant.

Anyway, is there a full writeup?  The copies of the paper I've seen
still have many blank sections.

-- 
Florian Weimer                <fweimer@bfk.de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99