---------- Forwarded message ---------- From: lakshmi prasanna <[EMAIL PROTECTED]> Date: Mon, Jun 16, 2008 at 6:06 PM Subject: Re: Difference in packet contents To: Vijay Kotari <[EMAIL PROTECTED]>
Hi, You can find information on this page " http://developer.mozilla.org/en/docs/Introduction_to_SSL:. Actually AES algorithm is not used in CBC mode here, so you should get the same encrypted data for both the blocks. I am not sure why it is showing different encrypted data for the same plain text. I dont have the programs that you have mentioned. Will get back to you once I look into that. thanks, --lakshmi prasanna On Mon, Jun 16, 2008 at 3:59 PM, Vijay Kotari <[EMAIL PROTECTED]> wrote: > Hi, > > I am using DHE-RSA-AES256-SHA, which would mean that it uses DHE-RSA for the > handshake and then AES256 for the application data transfer coupled with SHA > for message authentication according to you. Can you please point me to some > link that confirms the same? > > But that still does not resolve my issue. I don't mean to bombard you with > too much data but this is the packet dump that I got for both instances. > > > 0000 - 17 03 01 00 20 86 bd 69-7e 07 71 32 f0 e0 27 14 .... ..i~.q2..'. > 0010 - 38 17 ad e7 68 9d 19 09-6c c5 fa 56 64 60 fc 7e 8...h...l..Vd`.~ > 0020 - e2 92 f9 fa b9 17 03 01-00 20 2b fc 38 6e ad a6 ......... +.8n.. > 0030 - 05 8e 4e cd ae ce 59 61-1c 22 69 7b f8 2d 7a eb ..N...Ya."i{.-z. > 0040 - 1b de 40 ac 0b 8d d3 03-79 b7 [EMAIL PROTECTED] > > > 0000 - 17 03 01 00 20 85 a8 56-37 07 7a 63 96 fd 12 ad .... ..V7.zc.... > 0010 - 75 2c 42 97 8c 69 2a 6c-87 36 2e 2d ad f5 12 1b u,B..i*l.6.-.... > 0020 - d9 c5 ee c8 88 17 03 01-00 20 2e 3f 39 51 1a 6f ......... .?9Q.o > 0030 - 99 8d d0 56 26 9e 15 97-3c fd b4 b7 00 92 50 9d ...V&...<.....P. > 0040 - 98 52 6f 51 b8 1d 23 83-8b dc > .RoQ..#... > > The payload sizes in both cases is 20 bytes but the bytes that follow are > not the same. Actually, this is the packet dump that I got by using the > sample s_server and s_client programs with the debug option for getting the > packet dumps. Perhaps, you can simulate the same at your end? > > Gladly appreciate any help on this. > > > Thanks and regards, > Vijay K. > > On Mon, Jun 16, 2008 at 3:37 PM, lakshmi prasanna <[EMAIL PROTECTED]> > wrote: >> >> Hi, >> >> You mean you are using RSA for encryption??? >> Normally, this will not be the case. DHE-RSA is used for Key exchange >> and/or Authentication but nor for encryption. Just verify the Server >> Hello Message you received, it consists a string like >> DHE_RSA_WITH_<something>. The "something" part indicates the >> Encryption algorithm and the MAC algorithm to be used. >> >> RSA will not be used for encryption since it is very slow in >> encrypting large amount of data... >> >> -- Lakshmi Prasanna >> >> On Mon, Jun 16, 2008 at 3:24 PM, Vijay Kotari <[EMAIL PROTECTED]> >> wrote: >> > Hi, >> > >> > No, I don't think that is it. I am using Public-key cryptography. To be >> > specific, I am using the DHE-RSA. >> > >> > Thanks, >> > Vijay K. >> > >> > On Mon, Jun 16, 2008 at 3:11 PM, lakshmi prasanna <[EMAIL PROTECTED]> >> > wrote: >> >> >> >> Hi, >> >> >> >> If you are using Stream Cipher or CBC mode block cipher, then the same >> >> application data will produce different encrypted data, since the two >> >> encryption (cipher) algorithms perform encryption using the previous >> >> block and current block (CBC mode block cipher) or previous stream >> >> data (Stream Cipher). >> >> That is the reason why you are observing different packet dumps for >> >> same application data. >> >> >> >> thanks, >> >> Lakshmi Prasanna >> >> >> >> On Mon, Jun 16, 2008 at 2:35 PM, Vijay Kotari <[EMAIL PROTECTED]> >> >> wrote: >> >> > Hi, >> >> > >> >> > While observing some packet dump, I noticed that while sending the >> >> > same >> >> > application data over twice, different packet dumps were obtained in >> >> > both >> >> > cases. This was done in the same SSL session, so the connection keys >> >> > being >> >> > used are all the same. Is this expected behavior or am I reading the >> >> > packet >> >> > dumps wrong? >> >> > >> >> > >> >> > Thanks and Regards, >> >> > Vijay K. >> >> > >> >> > >> >> > >> >> >> >> >> >> >> >> -- >> >> thanks, >> >> Lakshmi Prasanna >> > >> > >> >> >> >> -- >> thanks, >> Lakshmi Prasanna > > -- thanks, Lakshmi Prasanna -- thanks, Lakshmi Prasanna
