Re: [TLS] RFC5487 PSK Key Exchange Algorithm with SHA-256/384. Premaster secret if ciphersuites negotiated for TLS V1.2?

"Salz, Rich" <rsalz@akamai.com> Fri, 07 November 2014 15:06 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Fox Arcadia <enricarcediano@gmail.com>, Manuel Pégourié-Gonnard <mpg@polarssl.org>
Date: Fri, 07 Nov 2014 10:06:19 -0500
Message-ID: <2A0EFB9C05D0164E98F19BB0AF3708C71D4FFFC693@USMBX1.msg.corp.akamai.com>
References: <CAOrsqC0AeU-yDRY2ZRXqcS_X1=+ZNuWiSAjJmFUW4WAnM1JZ0w@mail.gmail.com> <54438671.8060806@polarssl.org> <CAOrsqC3VtK0K_7ETnCvcvdL=Mo_fx0L70m95xJSfHArMKP2yBw@mail.gmail.com>
In-Reply-To: <CAOrsqC3VtK0K_7ETnCvcvdL=Mo_fx0L70m95xJSfHArMKP2yBw@mail.gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/lE0MFg--Ro7VvfarDWnp_s4JQQE
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] RFC5487 PSK Key Exchange Algorithm with SHA-256/384. Premaster secret if ciphersuites negotiated for TLS V1.2?

> These attacks are known as DFA/SPA.
> In your opinion using a key partially known by the attacker could imply a security threat?

Yes, definitely.  Constant time implementations have become more important and widespread recently. The state of the art moves forward. Differential power analysis is similar.  Protecting against that can be done; it can be hard.  See the "RSA blinding" work in OpenSSL, for example.

	/r$ 

--  
Principal Security Engineer, Akamai Technologies
IM: rsalz@jabber.me Twitter: RichSalz
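An added illustration of the RSA blinding countermeasure mentioned in the reply above; this is example code written for this page, not OpenSSL's implementation, and it uses constructed toy RSA parameters (p=61, q=53, e=17) that are far too small for real use.

```python
import secrets
from math import gcd

# Constructed toy RSA parameters for illustration only (never use keys this small).
P, Q = 61, 53
N = P * Q                 # 3233
E = 17
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)       # private exponent, 2753

def rsa_private_raw(c: int, d: int = D, n: int = N) -> int:
    """Unblinded private-key operation: d is applied directly to the input c.
    The sequence of modular squarings and multiplications (and their power
    traces) depends on the attacker-chosen c, which is what timing/DPA
    measurements accumulate across many operations."""
    return pow(c, d, n)

def rsa_private_blinded(c: int, d: int = D, e: int = E, n: int = N) -> int:
    """Blinded private-key operation: exponentiate (c * r^e) for a fresh
    random r coprime to n, then strip r from the result. Because
    (c * r^e)^d = c^d * r (mod n), the value actually exponentiated is
    unrelated to the input the attacker supplied, so per-call leakage
    cannot be correlated across calls."""
    while True:
        r = secrets.randbelow(n - 2) + 2     # r in [2, n-1]
        if gcd(r, n) == 1:
            break
    blinded = (c * pow(r, e, n)) % n
    result = pow(blinded, d, n)              # = c^d * r mod n
    r_inv = pow(r, -1, n)                    # modular inverse of r mod n
    return (result * r_inv) % n

def roundtrip(m: int) -> tuple:
    """Encrypt m with the public key and decrypt both ways; both must give m back."""
    c = pow(m, E, N)
    return rsa_private_raw(c), rsa_private_blinded(c)
```

The blinded path costs one extra public-key exponentiation and one modular inverse per operation; a real implementation also refreshes or re-squares r so the same blinding factor is not reused across calls.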