[TLS] TLS and KCI vulnerable handshakes

Clemens Hlauschek <clemens.hlauschek@rise-world.com> Mon, 10 August 2015 16:12 UTC

Return-Path: <clemens.hlauschek@rise-world.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6BE701B37FE for <tls@ietfa.amsl.com>; Mon, 10 Aug 2015 09:12:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.701
X-Spam-Level:
X-Spam-Status: No, score=-0.701 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DkwvYQY5xooh for <tls@ietfa.amsl.com>; Mon, 10 Aug 2015 09:12:54 -0700 (PDT)
Received: from mail01.rise-w.com (mail01.rise-w.com [88.116.105.226]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C571B1B37F6 for <tls@ietf.org>; Mon, 10 Aug 2015 09:12:47 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail01.rise-w.com (Postfix) with ESMTP id 49D8F40E406; Mon, 10 Aug 2015 18:12:45 +0200 (CEST)
Received: from [192.168.249.71] (71.4.208.241.ptr.us.xo.net [71.4.208.241]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.rise-world.com (Postfix) with ESMTPSA id 7A7E540E056 for <tls@ietf.org>; Mon, 10 Aug 2015 18:12:44 +0200 (CEST)
Message-ID: <55C8CD7A.7030309@rise-world.com>
Date: Mon, 10 Aug 2015 12:12:42 -0400
From: Clemens Hlauschek <clemens.hlauschek@rise-world.com>
User-Agent: mutt 1.5.23 (Plan 9)
MIME-Version: 1.0
To: tls@ietf.org
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/rz87Cvxx6X9tiVEjONhcPUYySxw>
X-Mailman-Approved-At: Tue, 11 Aug 2015 10:49:32 -0700
Subject: [TLS] TLS and KCI vulnerable handshakes
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Aug 2015 16:13:56 -0000

Hi,

I published a paper today on KCI-attacks in TLS. This might be of
interest to the TLS WG.

https://www.usenix.org/conference/woot15/workshop-program/presentation/hlauschek

Regards,
Clemens