On Mon, Sep 19, 2011 at 12:42 PM, Marsh Ray <ma...@extendedsubset.com> wrote:
> IMHO, as far as crypto protocols go the TLS protocol itself is pretty solid
> as long as the endpoints restrict themselves to negotiating the right
> options.
>
> On that note, there's a little more info coming out on the Duong-Rizzo
> attack:
> http://threatpost.com/en_us/blogs/new-attack-breaks-confidentiality-model-ssl-allows-theft-encrypted-cookies-091611

So does anyone know any more details on this? Specifically, is it an
implementation flaw or a design flaw?

Duong & Rizzo's previous work relied on padding oracle attacks whereas
this one is categorized as a chosen-plaintext attack, so it looks like it's
not building on their previous work.

Lastly, would anyone care to speculate whether (for instance) using RC4
instead of AES/CBC protects you from this chosen-plaintext attack? The
article cited by the URL that Marsh mentioned only mentions AES
so perhaps other cipher choices are immune. Just not a lot of details
available yet. Guess will have to wait until Friday.

Thanks,
-kevin
-- 
Blog: http://off-the-wall-security.blogspot.com/
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We *cause* accidents."        -- Nathaniel Borenstein
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
