[Cryptography] Langsec & authentication
Theodore Ts'o
tytso at mit.edu
Tue May 27 11:42:40 EDT 2014
On Tue, May 27, 2014 at 07:42:25AM +1000, James A. Donald wrote:
> >What confuses me is trying to align this with a principle of
> >cryptography that you should only authenticate what you mean, as
> >opposed to authenticating a particular series of bytes, especially in
> >the face of langsec sites that recommend the use of JSON after having
> >argued convincingly against ASN.1 DER.
>
>
> ASN.1 DER contains a turing machine in which the attacker can execute code
> that you never imagined.
>
> With ASN.1 PER that turing machine is executed at compile time, and at run
> time is no longer around, so your attacker cannot use it.
Furthermore, competent JSON readers do not parse JSON by exec'ing the
JSON as javascript, but rather by explicitly parsing it. It's true
that a config language such as this:
FOO=value1
BAR=value2
can be parsed by a shell script using ". config", but that doesn't
mean that this is the only way, or even the advisable way, to parse
such an encoding!
- Ted
More information about the cryptography
mailing list