[Cryptography] Because one TLS bug per month is just not enough

Watson Ladd watsonbladd at gmail.com
Sun Apr 27 20:24:59 EDT 2014


On Sun, Apr 27, 2014 at 4:57 PM, Kevin W. Wall <kevin.w.wall at gmail.com> wrote:
> Matthew Green has a good write-up in his blog at
> <http://blog.cryptographyengineering.com/2014/04/attack-of-week-triple-handshakes-3shake.html>
>
> This one appears to affect Apple OS/X and iOS but it
> wouldn't surprise me if other implementations have the
> same issue. Fortunately, according to Green, this will have
> much less impact on security than Heartbleed did, because
> it only affects seldom-used use cases of TLS.

Nope: this affects all implementations. It's an issue in the protocol.
Furthermore, it's the kind of issue that tools like ProVerif can
detect, automating the sort of analysis that BAN logic or Yao-Dolev
asks you to do by hand.

The miTLS team discovered it while attempting to show that TLS was
secure. Previously Kerberos v4 had to get bumped to v5 because a
similar analysis found a similar issue.

Sincerely,
Watson Ladd


-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin
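An added illustration of why the reply above calls this a protocol issue rather than an implementation bug (example code written for this archive page, not code from the thread, from the miTLS team, or from any TLS library). RFC 5246 derives the TLS 1.2 master secret only from the pre-master secret and the two hello nonces, so the handshake transcript, including the server's certificate, never enters the key. The extended master secret of RFC 7627, which is the fix that later shipped for the triple handshake, replaces the nonces with a hash of the handshake so far. The PRF below is the RFC 5246 P_SHA256 construction; the two "transcripts" are constructed sample data, and the certificate bytes in them are placeholders.

```python
import hashlib
import hmac


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 from RFC 5246 section 5: HMAC chain expanded to `length` bytes."""
    out = b""
    a = seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()          # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]


def tls12_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """PRF(secret, label, seed) = P_SHA256(secret, label + seed) for SHA-256 suites."""
    return p_sha256(secret, label + seed, length)


def master_secret_rfc5246(pms: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """Classic derivation: depends on the nonces only, not on who was authenticated."""
    return tls12_prf(pms, b"master secret", client_random + server_random, 48)


def session_hash(handshake_messages: list) -> bytes:
    """Hash of all handshake messages sent so far (through ClientKeyExchange)."""
    return hashlib.sha256(b"".join(handshake_messages)).digest()


def master_secret_rfc7627(pms: bytes, handshake_messages: list) -> bytes:
    """Extended master secret: the transcript (certificate included) is bound in."""
    return tls12_prf(pms, b"extended master secret", session_hash(handshake_messages), 48)


# Constructed sample values (not real handshake data). Both connections share the
# pre-master secret and nonces; they differ only in which certificate was presented.
PMS = bytes.fromhex("0303") + b"\x11" * 46          # RSA pre-master secret: version + 46 bytes
CLIENT_RANDOM = b"\x01" * 32
SERVER_RANDOM = b"\x02" * 32
TRANSCRIPT_A = [b"ClientHello", CLIENT_RANDOM, b"ServerHello", SERVER_RANDOM,
                b"Certificate:<placeholder cert A>", b"ClientKeyExchange"]
TRANSCRIPT_B = [b"ClientHello", CLIENT_RANDOM, b"ServerHello", SERVER_RANDOM,
                b"Certificate:<placeholder cert B>", b"ClientKeyExchange"]


def compare_derivations() -> dict:
    """Return whether the two connections end up sharing a master secret under each rule."""
    classic_a = master_secret_rfc5246(PMS, CLIENT_RANDOM, SERVER_RANDOM)
    classic_b = master_secret_rfc5246(PMS, CLIENT_RANDOM, SERVER_RANDOM)
    ems_a = master_secret_rfc7627(PMS, TRANSCRIPT_A)
    ems_b = master_secret_rfc7627(PMS, TRANSCRIPT_B)
    return {
        "rfc5246_shared": classic_a == classic_b,  # True: certificate never enters the key
        "rfc7627_shared": ems_a == ems_b,          # False: differing transcripts, differing keys
    }


if __name__ == "__main__":
    for rule, shared in compare_derivations().items():
        print(f"{rule}: master secrets identical across the two connections = {shared}")
```

The check a defender wants from this is simply whether the extended_master_secret extension is negotiated on their TLS 1.2 endpoints; OpenSSL 1.1.1 and later report an "Extended master secret" line in `openssl s_client` output, and TLS 1.3 binds the transcript into its key schedule by design.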