[87926] in cryptography@c2.net mail archive

Re: More info in my AES128-CBC question

daemon@ATHENA.MIT.EDU (Travis H.)
Wed May 9 15:14:53 2007

Date: Wed, 9 May 2007 01:13:36 -0500
From: "Travis H." <travis+ml-cryptography@subspacefield.org>
To: Cryptography <cryptography@metzdowd.com>
Mail-Followup-To: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <Pine.SOL.4.61.0704271629440.21523@mental>


On Fri, Apr 27, 2007 at 05:13:44PM -0400, Leichter, Jerry wrote:
> Frankly, for SSH this isn't a very plausible attack, since it's not
> clear how you could force chosen plaintext into an SSH session between
> messages.  A later paper suggested that SSL is more vulnerable:
> A browser plugin can insert data into an SSL protected session, so
> might be able to cause information to leak.

Hmm, what about IPSec?  Aren't most of the cipher suites used there
CBC mode?  If it doesn't key each flow separately, and the opponent
has the ability to generate traffic over the link, which isn't
unreasonable, then this would seem feasible.  And then there's openvpn,
which uses SSL for the point-to-point link, thus probably vulnerable,
more vulnerable than a browser.  I am also aware of SSL being used
many places other than browsers and openvpn.

--
Kill dash nine, and it's no more CPU time, kill dash nine, and that
process is mine. -><- <URL:http://www.subspacefield.org/~travis/>
For a good time on my UBE blacklist, email john@subspacefield.org.
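
Added example, not part of the message above or of any project it names: the condition discussed in the thread (one key for all traffic on a link, CBC with the IV chained from the previous ciphertext block, and a party able to generate traffic) compared with a fresh random IV per message. The block cipher is a toy Feistel stand-in for AES, and `Link`, `guess_confirmed` and the sample plaintexts are hypothetical names and constructed values.

```python
import hashlib, hmac, os
BLOCK = 16  # bytes, same block size as AES

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt_block(key, block):
    # Stand-in keyed permutation (4-round Feistel over HMAC-SHA256), NOT AES.
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def cbc_encrypt(key, iv, plaintext):
    # CBC over whole blocks; returns the list of ciphertext blocks.
    prev, out = iv, []
    for i in range(0, len(plaintext), BLOCK):
        prev = toy_encrypt_block(key, xor(prev, plaintext[i:i + BLOCK]))
        out.append(prev)
    return out

class Link:
    # One key for everything on the link (flows are not keyed separately).
    def __init__(self, chain_iv):
        self.key = os.urandom(16)
        self.chain_iv = chain_iv
        self.last_block = os.urandom(BLOCK)

    def send(self, plaintext):
        # chain_iv=True reuses the previous ciphertext block; False draws a fresh IV.
        iv = self.last_block if self.chain_iv else os.urandom(BLOCK)
        blocks = cbc_encrypt(self.key, iv, plaintext)
        self.last_block = blocks[-1]
        return iv, blocks

def guess_confirmed(link, secret, guess):
    # Another sender's one-block message goes out first; iv and c are on the wire.
    iv, c = link.send(secret)
    # Traffic generated afterwards is built on the IV that chaining would use next.
    probe = xor(xor(guess, iv), c[-1])
    _, c2 = link.send(probe)
    return c2[0] == c[0]  # equal only if the probe cancelled the real IV

def demo():
    secret, wrong = b"PIN=4921;pad....", b"PIN=0000;pad...."  # constructed
    run = lambda chained, g: guess_confirmed(Link(chained), secret, g)
    return run(True, secret), run(True, wrong), run(False, secret)
```

With the chained IV a correct guess reproduces the earlier ciphertext block; with an unpredictable per-message IV the same probe reveals nothing, which is why later protocol revisions send an explicit random IV with each record.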
