[12581] in cryptography@c2.net mail archive


Re: [Bodo Moeller ] OpenSSL Security Advisory: Timing-based attacks on SSL/TLS with CBC encryption

daemon@ATHENA.MIT.EDU (Roy M. Silvernail)
Mon Feb 24 19:56:48 2003

X-Original-To: cryptography@wasabisystems.com
From: "Roy M. Silvernail" <roy@scytale.com>
Reply-To: roy@scytale.com
To: pgut001@cs.auckland.ac.nz (Peter Gutmann)
Date: Mon, 24 Feb 2003 18:34:29 -0600
In-Reply-To: <200302220519.h1M5JYr05021@medusa01.cs.auckland.ac.nz>
Cc: cryptography@wasabisystems.com

On Friday 21 February 2003 11:19 pm, you wrote:

> This changes the padding on each message containing the password, making
> the attack rather more difficult, and has the advantage that you don't need
> to convince the party running the server to update their software. 
> Depending on how much stuff you can send per message, you can vary it by
> quite a bit.  In the POP case the "PASS xxx" would be a single message so
> you don't have quite that much leeway, but it looks like you can add enough
> whitespace to make the padding random.  Someone else on the list posted a
> followup to say he'd tried it on two servers and they had no trouble with
> the whitespace.

Seems to me that APOP would accomplish much the same thing without the need 
for random padding, no?  Or is APOP not widely implemented?
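
Added example, not part of the original message or of any project's code: it compares what each approach changes from one session to the next. Whitespace in the `PASS` line changes the CBC padding length of the record, while APOP (RFC 1939) sends `MD5(banner + secret)`, so the bytes on the wire differ per session. The 8-byte block size, 20-byte MAC, placement of the extra spaces and the sample password are assumptions; the first banner and secret are the RFC 1939 example values.

```python
import hashlib

BLOCK = 8      # assumption: 8-byte block cipher (e.g. 3DES) in CBC mode
MAC_LEN = 20   # assumption: HMAC-SHA1 record MAC


def tls_cbc_pad_len(plaintext_len, block=BLOCK, mac_len=MAC_LEN):
    """Minimal TLS CBC padding: data + MAC + padding + 1 length byte
    must fill a whole number of cipher blocks."""
    return -(plaintext_len + mac_len + 1) % block


def pass_command(password, extra_spaces):
    """POP3 PASS line with extra whitespace.
    Assumption: the spaces go between the command word and the password."""
    return b"PASS " + b" " * extra_spaces + password + b"\r\n"


def apop_digest(banner, secret):
    """APOP digest per RFC 1939: hex MD5 of the server banner timestamp
    followed by the shared secret. The secret itself is never sent."""
    return hashlib.md5(banner + secret).hexdigest()


def padding_lengths(password):
    """Padding length of the PASS record for 0..BLOCK-1 extra spaces."""
    return [tls_cbc_pad_len(len(pass_command(password, n))) for n in range(BLOCK)]


def apop_lines(user, secret, banners):
    """The APOP command a client would send for each server banner."""
    return [b"APOP " + user + b" " + apop_digest(b, secret).encode() + b"\r\n"
            for b in banners]


if __name__ == "__main__":
    # Constructed sample password: every whitespace count yields a different
    # padding length, but the same password bytes are still in the record.
    print("PASS padding lengths:", padding_lengths(b"hunter2"))

    # RFC 1939 example banner plus a second, constructed banner: the
    # authentication bytes change completely between sessions.
    banners = [b"<1896.697170952@dbc.mtview.ca.us>",
               b"<1897.697170999@dbc.mtview.ca.us>"]
    for line in apop_lines(b"mrose", b"tanstaaf", banners):
        print(line.decode().strip())
```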
