[Bodo Moeller <bodo at openssl.org>] OpenSSL Security Advisory: Timing-based attacks on SSL/TLS with CBC encryption

Roy M. Silvernail roy at scytale.com
Mon Feb 24 19:34:29 EST 2003

On Friday 21 February 2003 11:19 pm, you wrote:

> This changes the padding on each message containing the password, making
> the attack rather more difficult, and has the advantage that you don't need
> to convince the party running the server to update their software. 
> Depending on how much stuff you can send per message, you can vary it by
> quite a bit.  In the POP case the "PASS xxx" would be a single message so
> you don't have quite that much leeway, but it looks like you can add enough
> whitespace to make the padding random.  Someone else on the list posted a
> followup to say he'd tried it on two servers and they had no trouble with
> the whitespace.

Seems to me that APOP would accomplish much the same thing without the need 
for random padding, no?  Or is APOP not widely implemented?

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list