[TLS] draft-rescorla-tls-renegotiate and MITM resistance

Yair Elharrar <Yair.Elharrar@audiocodes.com> Mon, 09 November 2009 12:16 UTC


The proposed draft is intended to resolve an MITM attack scenario, but is the new extension tamper-resistant?

Since the MITM handles all traffic between the real client and real server, it could add a fake extension to the 2nd ClientHello with its original verify_data, and empty the returned extension in the ServerHello.

In addition, until such time that all clients in the world start supporting this extension (e.g. kiosks in airports), servers will have to support backward compatibility. The MITM can downgrade every client by simply removing the extension from the ClientHello.

        Yair
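
An added example, not part of the original message or of the draft: a toy model of how the two modifications described above (extension rewritten in both directions, extension stripped from the ClientHello) interact with the TLS Finished check, which is keyed with the master secret and covers every handshake message each side sent or received. Assumptions: HMAC-SHA256 stands in for the TLS PRF, and the hello encoding, constants and function names are constructed for illustration.

```python
import hashlib
import hmac

# All values below are constructed for illustration.
MASTER = bytes(range(48))          # secret shared by real client and real server only
PREV_CLIENT_VERIFY = b"\xaa" * 12  # verify_data from the middle party's earlier handshake
PREV_BOTH_VERIFY = b"\xaa" * 12 + b"\xbb" * 12  # placeholder for the server's reply value
CLIENT_RANDOM, SERVER_RANDOM = b"\x01" * 32, b"\x02" * 32


def hello(kind, random, reneg_info):
    """Toy hello encoding: None = extension absent, b"" = present but empty."""
    ext = b"" if reneg_info is None else b"|renegotiation_info=" + reneg_info.hex().encode()
    return kind + b":" + random.hex().encode() + ext


def finished(label, transcript):
    """Stand-in for the TLS PRF: HMAC-SHA256 keyed with the master secret
    over a hash of every handshake message this side sent or received."""
    digest = hashlib.sha256(b"".join(transcript)).digest()
    return hmac.new(MASTER, label + digest, hashlib.sha256).digest()[:12]


def client_finished_accepted(ch_sent, ch_at_server, sh_sent, sh_at_client):
    """True if the server's expected client Finished matches what the client computed."""
    from_client = finished(b"client finished", [ch_sent, sh_at_client])
    expected = finished(b"client finished", [ch_at_server, sh_sent])
    return hmac.compare_digest(from_client, expected)


def scenario(name):
    ch = hello(b"ClientHello", CLIENT_RANDOM, b"")  # client believes this is its first handshake
    if name == "untouched":
        sh = hello(b"ServerHello", SERVER_RANDOM, b"")
        return client_finished_accepted(ch, ch, sh, sh)
    if name == "extension_rewritten":  # value added on the way up, emptied on the way back
        ch_mod = hello(b"ClientHello", CLIENT_RANDOM, PREV_CLIENT_VERIFY)
        sh = hello(b"ServerHello", SERVER_RANDOM, PREV_BOTH_VERIFY)
        sh_mod = hello(b"ServerHello", SERVER_RANDOM, b"")
        return client_finished_accepted(ch, ch_mod, sh, sh_mod)
    if name == "extension_stripped":  # downgrade: extension removed from the ClientHello
        ch_mod = hello(b"ClientHello", CLIENT_RANDOM, None)
        sh = hello(b"ServerHello", SERVER_RANDOM, None)
        return client_finished_accepted(ch, ch_mod, sh, sh)
    raise ValueError(name)


if __name__ == "__main__":
    for n in ("untouched", "extension_rewritten", "extension_stripped"):
        print(n, "->", "Finished accepted" if scenario(n) else "Finished rejected")
```

In this model the two sides hash different hello messages whenever either hello is altered in transit, so the Finished comparison fails unless the party in the middle also knows the master secret of the inner handshake.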

