Re: [TLS] Issue 49: Finished.verify length

To: tls at ietf.org
Subject: Re: [TLS] Issue 49: Finished.verify length
From: Mike <mike-list at pobox.com>
Date: Thu, 13 Sep 2007 22:38:14 -0700
Cc:
In-reply-to: <20070914040741.3473733C3A@delta.rtfm.com>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
References: <20070913183453.D32DD33C21@delta.rtfm.com> <46E9D35F.60904@pobox.com> <20070914040741.3473733C3A@delta.rtfm.com>
User-agent: Thunderbird 2.0.0.6 (Windows/20070728)

As I recall, the truncation was intended to *increase* security,
because it leaked less information about the MS to an active
attacker.


Well, the Finished message follows ChangeCipherSpec, so it is
encrypted when the attacker receives it.  I was thinking about
the other direction where the attacker convinces you (via his
Finished message) that a session has been established, making
you think it's ok to send your sensitive information, which
he can then work offline to try to decode.  His Finished
message would also have to be correctly encrypted and MAC'ed,
so I imagine it would be extremely difficult to forge in any
case....

Mike

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

References:
- [TLS] Issue 49: Finished.verify length
  - From: Eric Rescorla
- Re: [TLS] Issue 49: Finished.verify length
  - From: Mike
- Re: [TLS] Issue 49: Finished.verify length
  - From: Eric Rescorla

Prev by Date: Re: [TLS] Issue 49: Finished.verify length
Next by Date: Re: [TLS] Issue 49: Finished.verify length
Previous by thread: Re: [TLS] Issue 49: Finished.verify length
Next by thread: Re: [TLS] Issue 49: Finished.verify length
Index(es):
- Date
- Thread

Re: [TLS] Issue 49: Finished.verify length

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.