Re: Difference in packet contents

2008-06-17 Thread Marek . Marcola
Hello, [EMAIL PROTECTED] wrote on 06/17/2008 03:21:08 PM: > Hi, > > I do know for a fact that part of the Finish message is encrypted. My question was > actually if the Message type field is also part of the encrypted part? In which case, as > I had pointed out earlier, there is a chance that

Re: Difference in packet contents

2008-06-17 Thread lakshmi prasanna
The whole Finish message, (ie., Handshake protocols Header indicating this message as Finished message, and the encrypted Data) is encrypted and sent. At the other end the packet is decrypted. This decryption is done because a Change Cipher Spec message has been received before this message by the

Re: Difference in packet contents

2008-06-17 Thread Vijay Kotari
Hi, I do know for a fact that part of the Finish message is encrypted. My question was actually if the Message type field is also part of the encrypted part? In which case, as I had pointed out earlier, there is a chance that the first byte of the encrypted {message_type + message} can be equal to

Re: Difference in packet contents

2008-06-17 Thread Marek . Marcola
Hello, [EMAIL PROTECTED] wrote on 06/17/2008 02:11:14 PM: > Yup, that solves it. > > Another matter that's been troubling me is the output that I get when I run the s_server > program with the debug option. At the end of the handshake, when the server sends the > Finished Packet to the clien

Re: Difference in packet contents

2008-06-17 Thread lakshmi prasanna
Hi, Actually, the Handshake Message becomes the data for record protocol. so the Handshake message for Finished message contains a header that has 20 in the type field to indicate Finished message. This Handshake message including the Header and Data, is encrypted using the keys generated during n

Re: Difference in packet contents

2008-06-17 Thread Vijay Kotari
Yup, that solves it. Another matter that's been troubling me is the output that I get when I run the s_server program with the debug option. At the end of the handshake, when the server sends the Finished Packet to the client, the following packet dump is obtained. write to 099EB570 [099FADC0] (5

Re: Difference in packet contents

2008-06-17 Thread lakshmi prasanna
Hi, Actually, AES is by default implemented in CBC (Cipher Block Chaining )mode in TLSv1. Refer RFC 3268. Since the encryption is done in CBC mode, you will not get the same encrypted text for identical plain text. --lakshmi prasanna On Tue, Jun 17, 2008 at 10:58 AM, jimmy bahuleyan <[EMAIL PROT

Re: Difference in packet contents

2008-06-16 Thread jimmy bahuleyan
Vijay Kotari wrote: @DS Nicely put. So, if I was to try to decrypt/encrypt one of these messages, I would need the key and the iv and something else? Because if just the key and iv are sufficient to encrypt/decrypt the data, then how are the different encrypted messages generated for the same

Re: Difference in packet contents

2008-06-16 Thread Vijay Kotari
@DS Nicely put. So, if I was to try to decrypt/encrypt one of these messages, I would need the key and the iv and something else? Because if just the key and iv are sufficient to encrypt/decrypt the data, then how are the different encrypted messages generated for the same cleartext? On Tue, Jun

RE: Difference in packet contents

2008-06-16 Thread David Schwartz
> While observing some packet dump, I noticed that while sending > the same application data over twice, different packet dumps > were obtained in both cases. Good. > This was done in the same SSL session, so the connection keys > being used are all the same. Is this expected behavior or am I >

Re: Difference in packet contents

2008-06-16 Thread Kyle Hamilton
ny SSL/TLS implementation that uses it. -Kyle H On Mon, Jun 16, 2008 at 5:36 AM, lakshmi prasanna <[EMAIL PROTECTED]> wrote: > > > -- Forwarded message -- > From: lakshmi prasanna <[EMAIL PROTECTED]> > Date: Mon, Jun 16, 2008 at 6:06 PM > Subject: Re: Differen

Fwd: Difference in packet contents

2008-06-16 Thread lakshmi prasanna
-- Forwarded message -- From: lakshmi prasanna <[EMAIL PROTECTED]> Date: Mon, Jun 16, 2008 at 6:06 PM Subject: Re: Difference in packet contents To: Vijay Kotari <[EMAIL PROTECTED]> Hi, You can find information on this page " http://developer.mo

Re: Difference in packet contents

2008-06-16 Thread lakshmi prasanna
Hi, You mean you are using RSA for encryption??? Normally, this will not be the case. DHE-RSA is used for Key exchange and/or Authentication but nor for encryption. Just verify the Server Hello Message you received, it consists a string like DHE_RSA_WITH_. The "something" part indicates the Encryp

Re: Difference in packet contents

2008-06-16 Thread lakshmi prasanna
Hi, If you are using Stream Cipher or CBC mode block cipher, then the same application data will produce different encrypted data, since the two encryption (cipher) algorithms perform encryption using the previous block and current block (CBC mode block cipher) or previous stream data (Stream Ciph

Difference in packet contents

2008-06-16 Thread Vijay Kotari
Hi, While observing some packet dump, I noticed that while sending the same application data over twice, different packet dumps were obtained in both cases. This was done in the same SSL session, so the connection keys being used are all the same. Is this expected behavior or am I reading the pack