[Cryptography] Fwd: OPENSSL FREAK

Ray Dillinger bear at sonic.net
Tue Mar 31 13:47:34 EDT 2015



On 03/27/2015 04:43 PM, WebDawg wrote:

> I think it is even worse to do something like this, with a piece of
> software like this, because its primary function IS security/encryption.
> It is still a piece of code that is broke, it is just broke in a different
> way that does not need to be fixed, but pruned.
> 
> Even if a SWITCH or TAKE OUT was put into the code it is just another place
> to potentially exploit.  The TAKE OUT sounds nice, but I would think in a
> CHOOSE, it would just remove the rest anyways.

Honestly, this was exactly the scenario I had in mind when I proposed
implementing "death notes" for ciphers.

It was a simple idea then, and is still simple.  A death note is
simply a proof that the encryption has been broken (such as, in
this case, a cert issued by a known-bogus "negative cert authority"
whose keys were publicly destroyed immediately after creation).

Everything that gets the death note (and has implemented the
feature, sigh) responds by permanently disabling that crypto
primitive (in this case erasing all certificates that use that
cipher), permanently storing the death note, and thereafter
passing on the death note to anyone who later tries to use
the dead crypto primitive.

Seriously.  This is fairly simple to implement.  Yes, it would
cause outdated servers FROM TWENTY YEARS AGO to stop being
compatible with anything that has the death note protocol
implemented.  That isn't merely an acceptable loss, that is in
fact the desired result.

				Bear
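
Added example, not part of the original post or any project's code: a minimal Python model of the death-note handling described above (verify the proof, erase certificates that use the dead primitive, store the note permanently, hand it to anyone who later proposes that primitive). The toy RSA key, the cipher label `legacy-export-rsa`, and the `Node` class are assumptions for illustration.

```python
import hashlib

# Constructed toy "negative CA" public key (textbook RSA, tiny modulus) per
# cipher. The cipher label and all numbers are assumptions for illustration.
NEGATIVE_CA = {"legacy-export-rsa": (3233, 17)}  # cipher -> (n, e)

def digest(cipher, n):
    return int.from_bytes(hashlib.sha256(cipher.encode()).digest(), "big") % n

def verify_death_note(note):
    """note = (cipher, signature). The negative CA's private key was destroyed,
    so a signature that verifies under its public key proves a break."""
    cipher, sig = note
    if cipher not in NEGATIVE_CA:
        return False
    n, e = NEGATIVE_CA[cipher]
    return pow(sig, e, n) == digest(cipher, n)

class Node:
    def __init__(self, certs):
        self.certs = dict(certs)   # cert name -> cipher it relies on
        self.death_notes = {}      # cipher -> stored note, never removed

    def receive(self, note):
        """Verify, store permanently, and erase certs that use the dead cipher."""
        if not verify_death_note(note):
            return False
        cipher = note[0]
        self.death_notes[cipher] = note
        self.certs = {name: c for name, c in self.certs.items() if c != cipher}
        return True

    def negotiate(self, cipher):
        """Answer a peer proposing `cipher`; a dead cipher gets the note back."""
        if cipher in self.death_notes:
            return ("dead", self.death_notes[cipher])
        return ("ok", None)

def constructed_note():
    # Sample input only: 2753 is the private exponent of the toy key above
    # (3233 = 61 * 53), standing in for the result of a real break.
    n, _ = NEGATIVE_CA["legacy-export-rsa"]
    return ("legacy-export-rsa", pow(digest("legacy-export-rsa", n), 2753, n))
```

A peer that receives `("dead", note)` from `negotiate` feeds the note to its own `receive`, which is how the note spreads to every implementation that still offers the dead primitive.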





