Re: [TLS] A not-so crazy idea

Yair Elharrar <Yair.Elharrar@audiocodes.com> Sun, 15 November 2009 20:35 UTC

What if we just change the definition of the server's FINISHED message a bit; instead of sending
    Hash(handshake_msgs)
to the client, the server will send
    Hash(handshake_msgs || verify_data)
using the session's previous verify_data.
There's no change to initial handshakes, of course, as there's no previous verify_data.

This means:
1. Patched client and patched server: renegotiation is safe.
2. Patched client, unpatched server: the client can calculate Hash(handshake_msgs) and tell that the server is unpatched. It is up to the client to decide whether to abort the session or not.
3. Unpatched client, patched server: renegotiation will fail, as it should.


Yair
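
The three cases listed in the message, worked through as an added example that is not part of the original message. It follows the message's simplified `Hash(handshake_msgs || verify_data)` notation with SHA-256 as a stand-in hash (the real TLS Finished value is additionally computed through the PRF keyed with the master secret); all function names and sample byte strings are assumptions constructed for illustration. The last case goes one step beyond the list and shows the check failing when the two endpoints disagree about whether a previous session exists.

```python
import hashlib
import hmac

# Constructed sample values, not taken from a real session.
HANDSHAKE_MSGS = b"ClientHello|ServerHello|Certificate|ClientKeyExchange"
PREV_VERIFY_DATA = bytes.fromhex("00112233445566778899aabb")


def finished_hash(handshake_msgs: bytes, prev_verify_data: bytes = b"") -> bytes:
    """Hash(handshake_msgs || verify_data); prev is empty on an initial handshake."""
    return hashlib.sha256(handshake_msgs + prev_verify_data).digest()


def server_finished(handshake_msgs: bytes, prev_verify_data: bytes, patched: bool) -> bytes:
    """Value the server sends; an unpatched server ignores the previous verify_data."""
    return finished_hash(handshake_msgs, prev_verify_data if patched else b"")


def client_check(received: bytes, handshake_msgs: bytes,
                 prev_verify_data: bytes, patched: bool) -> str:
    """Classify the server's value as 'ok', 'server-unpatched' or 'fail'."""
    plain = finished_hash(handshake_msgs)
    if not patched:
        return "ok" if hmac.compare_digest(received, plain) else "fail"
    if hmac.compare_digest(received, finished_hash(handshake_msgs, prev_verify_data)):
        return "ok"
    # Renegotiation only: a match on the old formula identifies an unpatched server.
    if prev_verify_data and hmac.compare_digest(received, plain):
        return "server-unpatched"
    return "fail"


def run_case(client_patched, server_patched, client_prev, server_prev):
    """Run one exchange: the server computes its value, the client classifies it."""
    sent = server_finished(HANDSHAKE_MSGS, server_prev, server_patched)
    return client_check(sent, HANDSHAKE_MSGS, client_prev, client_patched)


if __name__ == "__main__":
    vd = PREV_VERIFY_DATA
    print("initial handshake:            ", run_case(True, True, b"", b""))
    print("1. patched / patched:         ", run_case(True, True, vd, vd))
    print("2. patched / unpatched:       ", run_case(True, False, vd, vd))
    print("3. unpatched / patched:       ", run_case(False, True, vd, vd))
    print("views of prior session differ:", run_case(True, True, b"", vd))
```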