[Cryptography] Langsec & authentication

Stephan Neuhaus stephan.neuhaus at tik.ee.ethz.ch
Tue May 27 15:08:35 EDT 2014


On 2014-05-27, 20:20, Judson Lester wrote:
> But this document:
> FOO=value1
> FOO=value2
> 
> has the same outcome in the exchange as
> FOO=value2
> 
> But they authenticate differently. 

Even worse, the document

FOO=value1

might authenticate differently from the document

FOO=value1

if any characters used to represent the first line used UTF-8
non-shortest-form encodings and the second one didn't.  (I don't know
how to make this happen in Thunderbird, so this is an example only, OK?)
And this even though both represent the same document!

I think you should treat data to be authenticated as a binary blob.  In
other words, you should authenticate a particular representation of your
data.  If you want to authenticate "what you mean" instead of "what you
say", you will never get anywhere.  Or rather, you will get somewhere,
but it might not be where you want to be.

I'm thinking of XML signatures here, they tried the same thing and
failed horribly.

Fun,

Stephan
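
Added example, not part of the original message or thread: the two cases discussed above (the duplicate FOO line and the non-shortest-form UTF-8 encoding) run through an HMAC over the raw bytes, next to a lenient reading of "what you mean". The key, the function names, the toy lenient decoder and the strict duplicate-rejecting parse are assumptions made for this illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed sample key, not from the thread

# Constructed sample documents (the FOO lines are the ones quoted in the thread).
DUPLICATE = b"FOO=value1\nFOO=value2\n"
SINGLE = b"FOO=value2\n"
SHORTEST = b"FOO=value1\n"
OVERLONG = b"\xc1\x86OO=value1\n"  # 'F' (0x46) as the non-shortest 2-byte form C1 86

def tag(blob: bytes) -> bytes:
    """MAC over the exact bytes, i.e. over one particular representation."""
    return hmac.new(KEY, blob, hashlib.sha256).digest()

def lenient_decode(blob: bytes) -> str:
    """Toy decoder (assumption): accepts 2-byte overlong forms, as sloppy decoders do."""
    out, i = [], 0
    while i < len(blob):
        b = blob[i]
        if b < 0x80:
            out.append(chr(b))
            i += 1
        elif 0xC0 <= b < 0xE0 and i + 1 < len(blob):
            out.append(chr(((b & 0x1F) << 6) | (blob[i + 1] & 0x3F)))
            i += 2
        else:
            raise ValueError("sequence not handled by this toy decoder")
    return "".join(out)

def lenient_meaning(blob: bytes) -> dict:
    """'What you mean': decode leniently, last duplicate key wins."""
    return dict(line.split("=", 1) for line in lenient_decode(blob).splitlines() if line)

def verify_then_parse(blob: bytes, mac: bytes) -> dict:
    """'What you say': check the MAC on the raw bytes, then parse strictly."""
    if not hmac.compare_digest(tag(blob), mac):
        raise ValueError("MAC mismatch")
    result = {}
    for line in blob.decode("utf-8").splitlines():  # strict decoder rejects C1 86
        key, _, value = line.partition("=")
        if key in result:
            raise ValueError(f"duplicate key {key!r}")
        result[key] = value
    return result
```

Each pair of documents has the same lenient meaning but a different tag, and the strict path refuses the two ambiguous representations even when their tags are valid.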

