The only mode that should cause the same encrypted data to be sent
twice in exactly the same manner is "ECB" -- Electronic Code Book.
Because this has been recognized by cryptographers as being vulnerable
to many different cryptographic analysis techniques, I am not aware of
any SSL/TLS implementation that uses it.

-Kyle H

On Mon, Jun 16, 2008 at 5:36 AM, lakshmi prasanna <[EMAIL PROTECTED]> wrote:
>
>
> ---------- Forwarded message ----------
> From: lakshmi prasanna <[EMAIL PROTECTED]>
> Date: Mon, Jun 16, 2008 at 6:06 PM
> Subject: Re: Difference in packet contents
> To: Vijay Kotari <[EMAIL PROTECTED]>
>
>
> Hi,
>
> You can find information on this page
> "http://developer.mozilla.org/en/docs/Introduction_to_SSL".
>
> Actually AES algorithm is not used in CBC mode here, so you should get the
> same encrypted data for both the blocks.
> I am not sure why it is showing different encrypted data for the same plain
> text.
> I don't have the programs that you have mentioned. Will get back to you once
> I look into that.
>
> thanks,
> --lakshmi prasanna
>
> On Mon, Jun 16, 2008 at 3:59 PM, Vijay Kotari <[EMAIL PROTECTED]>
> wrote:
>> Hi,
>>
>> I am using DHE-RSA-AES256-SHA, which would mean that it uses DHE-RSA for the
>> handshake and then AES256 for the application data transfer coupled with SHA
>> for message authentication according to you. Can you please point me to some
>> link that confirms the same?
>>
>> But that still does not resolve my issue. I don't mean to bombard you with
>> too much data but this is the packet dump that I got for both instances.
>>
>>
>> 0000 - 17 03 01 00 20 86 bd 69-7e 07 71 32 f0 e0 27 14   .... ..i~.q2..'.
>> 0010 - 38 17 ad e7 68 9d 19 09-6c c5 fa  56 64 60 fc 7e   8...h...l..Vd`.~
>> 0020 - e2 92 f9  fa  b9 17 03 01-00 20 2b fc 38 6e ad a6   ......... +.8n..
>> 0030 - 05 8e 4e cd ae ce 59 61-1c 22 69 7b f8 2d 7a eb   ..N...Ya."i{.-z.
>> 0040 - 1b de 40 ac 0b 8d d3 03-79 b7
>> [EMAIL PROTECTED]
>>
>>
>> 0000 - 17 03 01 00 20 85 a8 56-37 07 7a 63 96 fd  12 ad   .... ..V7.zc....
>> 0010 - 75 2c 42 97 8c 69 2a 6c-87 36 2e 2d ad f5  12 1b   u,B..i*l.6.-....
>> 0020 - d9 c5 ee c8 88 17 03 01-00 20 2e 3f  39 51 1a 6f    ......... .?9Q.o
>> 0030 - 99 8d d0 56 26 9e 15 97-3c fd  b4 b7 00 92 50 9d   ...V&...<.....P.
>> 0040 - 98 52 6f  51 b8 1d 23 83-8b dc   .RoQ..#...
>>
>> The payload size in both cases is 20 bytes but the bytes that follow are
>> not the same. Actually, this is the packet dump that I got by using the
>> sample s_server and s_client programs with the debug option for getting the
>> packet dumps. Perhaps, you can simulate the same at your end?
>>
>> Gladly appreciate any help on this.
>>
>>
>> Thanks and regards,
>> Vijay K.
>>
>> On Mon, Jun 16, 2008 at 3:37 PM, lakshmi prasanna <[EMAIL PROTECTED]>
>> wrote:
>>>
>>> Hi,
>>>
>>> You mean you are using RSA for encryption???
>>> Normally, this will not be the case. DHE-RSA is used for Key exchange
>>> and/or Authentication but not for encryption. Just verify the Server
>>> Hello Message you received, it contains a string like
>>> DHE_RSA_WITH_<something>. The "something" part indicates the
>>> Encryption algorithm and the MAC algorithm to be used.
>>>
>>> RSA will not be used for encryption since it is very slow in
>>> encrypting large amounts of data...
>>>
>>> -- Lakshmi Prasanna
>>>
>>> On Mon, Jun 16, 2008 at 3:24 PM, Vijay Kotari <[EMAIL PROTECTED]>
>>> wrote:
>>> > Hi,
>>> >
>>> > No, I don't think that is it. I am using Public-key cryptography. To be
>>> > specific, I am using the DHE-RSA.
>>> >
>>> > Thanks,
>>> > Vijay K.
>>> >
>>> > On Mon, Jun 16, 2008 at 3:11 PM, lakshmi prasanna <[EMAIL PROTECTED]>
>>> > wrote:
>>> >>
>>> >> Hi,
>>> >>
>>> >> If you are using Stream Cipher or CBC mode block cipher, then the same
>>> >> application data will produce different encrypted data, since the two
>>> >> encryption (cipher) algorithms perform encryption using the previous
>>> >> block and current block (CBC mode block cipher) or previous stream
>>> >> data (Stream Cipher).
>>> >> That is the reason why you are observing different packet dumps for
>>> >> same application data.
>>> >>
>>> >> thanks,
>>> >> Lakshmi Prasanna
>>> >>
>>> >> On Mon, Jun 16, 2008 at 2:35 PM, Vijay Kotari <[EMAIL PROTECTED]>
>>> >> wrote:
>>> >> > Hi,
>>> >> >
>>> >> > While observing some packet dump, I noticed that while sending the same
>>> >> > application data over twice, different packet dumps were obtained in both
>>> >> > cases. This was done in the same SSL session, so the connection keys being
>>> >> > used are all the same. Is this expected behavior or am I reading the packet
>>> >> > dumps wrong?
>>> >> >
>>> >> >
>>> >> > Thanks and Regards,
>>> >> > Vijay K.
>>> >> >
>>> >> >
>>> >> >
>>> >>
>>> >>
>>> >>
>>> >> --
>>> >> thanks,
>>> >> Lakshmi Prasanna
>>> >
>>> >
>>>
>>>
>>>
>>> --
>>> thanks,
>>> Lakshmi Prasanna
>>
>>
>
>
>
> --
> thanks,
> Lakshmi Prasanna
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
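
Added example, not part of the original thread or of OpenSSL: the two dumps quoted above, split into TLS records in Python. Every record starts with the header 17 03 01 00 20 (application data, TLS 1.0, length field 0x0020), and the helper tls10_record_mac computes the RFC 2246 record MAC, which covers the record sequence number, so the MAC that is encrypted along with the data changes from record to record. The function names, the MAC key and the "hello" fragment are constructed for this example.

```python
import hashlib, hmac, struct

# The two dumps quoted in the thread (s_client -debug layout, ASCII column omitted).
DUMP_1 = """\
0000 - 17 03 01 00 20 86 bd 69-7e 07 71 32 f0 e0 27 14
0010 - 38 17 ad e7 68 9d 19 09-6c c5 fa 56 64 60 fc 7e
0020 - e2 92 f9 fa b9 17 03 01-00 20 2b fc 38 6e ad a6
0030 - 05 8e 4e cd ae ce 59 61-1c 22 69 7b f8 2d 7a eb
0040 - 1b de 40 ac 0b 8d d3 03-79 b7"""
DUMP_2 = """\
0000 - 17 03 01 00 20 85 a8 56-37 07 7a 63 96 fd 12 ad
0010 - 75 2c 42 97 8c 69 2a 6c-87 36 2e 2d ad f5 12 1b
0020 - d9 c5 ee c8 88 17 03 01-00 20 2e 3f 39 51 1a 6f
0030 - 99 8d d0 56 26 9e 15 97-3c fd b4 b7 00 92 50 9d
0040 - 98 52 6f 51 b8 1d 23 83-8b dc"""

def dump_to_bytes(dump):
    """Drop the offset column and the '-' column separator, return raw bytes."""
    out = bytearray()
    for line in dump.splitlines():
        out += bytes.fromhex(line.partition(" - ")[2].replace("-", " "))
    return bytes(out)

def parse_records(buf):
    """Split a byte stream into (content_type, version, body) TLS records."""
    records, pos = [], 0
    while pos < len(buf):
        ctype, major, minor, length = struct.unpack_from("!BBBH", buf, pos)
        body = buf[pos + 5:pos + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record at offset %d" % pos)
        records.append((ctype, (major, minor), body))
        pos += 5 + length
    return records

def tls10_record_mac(mac_key, seq_num, ctype, version, fragment):
    """RFC 2246 6.2.3.1: HMAC(key, seq_num || type || version || length || fragment)."""
    header = struct.pack("!QBBBH", seq_num, ctype, version[0], version[1], len(fragment))
    return hmac.new(mac_key, header + fragment, hashlib.sha1).digest()

def summarize(dump):
    """(content_type, version, body_length) for each record in a dump."""
    return [(t, v, len(b)) for t, v, b in parse_records(dump_to_bytes(dump))]

if __name__ == "__main__":
    for name, dump in (("first send", DUMP_1), ("second send", DUMP_2)):
        print(name, summarize(dump))
    key = b"\x0b" * 20  # constructed MAC key, not taken from the thread
    for seq in (1, 2):  # same fragment, consecutive sequence numbers
        print(seq, tls10_record_mac(key, seq, 23, (3, 1), b"hello").hex())
```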
