[Bodo Moeller <bodo at openssl.org>] OpenSSL Security Advisory: Timing-based attacks on SSL/TLS with CBC encryption

Roy M. Silvernail roy at scytale.com
Mon Feb 24 19:34:29 EST 2003


On Friday 21 February 2003 11:19 pm, you wrote:

> This changes the padding on each message containing the password, making
> the attack rather more difficult, and has the advantage that you don't need
> to convince the party running the server to update their software. 
> Depending on how much stuff you can send per message, you can vary it by
> quite a bit.  In the POP case the "PASS xxx" would be a single message so
> you don't have quite that much leeway, but it looks like you can add enough
> whitespace to make the padding random.  Someone else on the list posted a
> followup to say he'd tried it on two servers and they had no trouble with
> the whitespace.

Seems to me that APOP would accomplish much the same thing without the need 
for random padding, no?  Or is APOP not widely implemented?

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



More information about the cryptography mailing list