More info in my AES128-CBC question

Travis H. travis+ml-cryptography at subspacefield.org
Wed May 9 02:13:36 EDT 2007


On Fri, Apr 27, 2007 at 05:13:44PM -0400, Leichter, Jerry wrote:
> Frankly, for SSH this isn't a very plausible attack, since it's not
> clear how you could force chosen plaintext into an SSH session between
> messages.  A later paper suggested that SSL is more vulnerable:
> A browser plugin can insert data into an SSL protected session, so
> might be able to cause information to leak.

Hmm, what about IPSec?  Aren't most of the cipher suites used there
CBC mode?  If it doesn't key each flow separately, and the opponent
has the ability to generate traffic over the link, which isn't
unreasonable, then this would seem feasible.  And then there's openvpn,
which uses SSL for the point-to-point link, thus probably vulnerable,
more vulnerable than a browser.  I am also aware of SSL being used
many places other than browsers and openvpn.

-- 
Kill dash nine, and its no more CPU time, kill dash nine, and that
process is mine. -><- <URL:http://www.subspacefield.org/~travis/>
For a good time on my UBE blacklist, email john at subspacefield.org.
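The weakness the thread keeps circling back to is CBC with a predictable IV: when each message's IV is the last ciphertext block of the previous one, anyone watching the wire knows the next IV before it is used, and a party who can insert a chosen plaintext block into the flow can then test a guess for an earlier block. The following is an added example written for this archive page; it is not code from the thread, from OpenSSH, OpenVPN or any IPsec implementation. It uses a stdlib-only Feistel permutation as a stand-in for AES so it runs offline, and the names CbcFlow, guess_is_confirmed and demo, as well as the sample plaintexts, are mine. It contrasts the chained-IV flow with one that draws a fresh random IV per message, which is the mitigation.

```python
from __future__ import annotations

import hashlib
import hmac
import os

BLOCK = 16  # 128-bit blocks, as for AES-128


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round_fn(key: bytes, rnd: int, half: bytes) -> bytes:
    # Keyed round function for the toy Feistel cipher below.
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """4-round Feistel permutation on 16-byte blocks.

    Stand-in for AES so the example needs no third-party library.  The
    demonstration only relies on it being a keyed permutation; it is not a
    cipher to deploy.
    """
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, xor(left, _round_fn(key, rnd, right))
    return left + right


def toy_block_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = xor(right, _round_fn(key, rnd, left)), left
    return left + right


class CbcFlow:
    """CBC encryptor for one direction of a flow (hypothetical helper).

    chained=True   next message's IV is the last ciphertext block of the
                   previous message, i.e. the IV is visible on the wire
                   before it is used (the chaining the thread discusses).
    chained=False  fresh random IV per message (the mitigation).
    """

    def __init__(self, key: bytes, chained: bool):
        self.key = key
        self.chained = chained
        self.last_block = os.urandom(BLOCK)  # first IV, assumed unpredictable

    def encrypt(self, plaintext: bytes) -> tuple[bytes, bytes]:
        assert len(plaintext) % BLOCK == 0, "caller pads to the block size"
        iv = self.last_block if self.chained else os.urandom(BLOCK)
        prev, out = iv, []
        for i in range(0, len(plaintext), BLOCK):
            prev = toy_block_encrypt(self.key, xor(plaintext[i:i + BLOCK], prev))
            out.append(prev)
        self.last_block = prev  # what the next chained IV would be
        return iv, b"".join(out)


def guess_is_confirmed(flow: CbcFlow, seen_iv: bytes,
                       seen_block: bytes, guess: bytes) -> bool:
    """Test one guess for an earlier plaintext block via a chosen block.

    The observer saw (seen_iv, seen_block) on the wire and, for a chained
    flow, also knows the IV the next message will use: the last ciphertext
    block sent.  Inserting guess XOR seen_iv XOR next_iv cancels the
    chaining, so the new first ciphertext block equals seen_block exactly
    when the guess was right.  With a fresh random IV the same probe is
    uninformative.
    """
    predicted_next_iv = flow.last_block  # public: the last block on the wire
    probe = xor(xor(guess, seen_iv), predicted_next_iv)
    _, ciphertext = flow.encrypt(probe)  # the inserted plaintext
    return ciphertext[:BLOCK] == seen_block


def demo() -> tuple[bool, bool, bool]:
    """Returns (chained, right guess), (chained, wrong guess), (random IV, right guess)."""
    key = os.urandom(BLOCK)
    secret = b"secret block #01"  # constructed 16-byte plaintext
    chained = CbcFlow(key, chained=True)
    iv, ct = chained.encrypt(secret)
    right = guess_is_confirmed(chained, iv, ct[:BLOCK], secret)
    wrong = guess_is_confirmed(chained, iv, ct[:BLOCK], b"wrong guess #001")
    fresh = CbcFlow(key, chained=False)
    iv, ct = fresh.encrypt(secret)
    leaks = guess_is_confirmed(fresh, iv, ct[:BLOCK], secret)
    return right, wrong, leaks  # expected (True, False, False)


if __name__ == "__main__":
    print(demo())
```

The point for a defender is the third result: once the IV of each message is unpredictable to the observer (a fresh random IV sent explicitly, or a mode such as CTR that has no chaining to exploit), the inserted block no longer confirms anything, which is why later SSH (RFC 4344, CTR mode) and TLS 1.1 (explicit per-record IVs) moved away from IV chaining. Whether an adversary can actually insert plaintext into a given flow, the question the thread raises for IPsec and OpenVPN, is what decides how much this matters for a deployment that still chains IVs.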