But XDR is so BORING compared to a REAL standard like ASN.1!
It doesn't have infinite possibilies for object definitions
requiring help from standards committees, multiple incompatible
data representations with different kinds of ambiguity,
or ugly API packages that are too large to believe that
Kevin E. Fu [EMAIL PROTECTED] writes:
But XDR is so BORING compared to a REAL standard like ASN.1! It doesn't have
infinite possibilies for object definitions requiring help from standards
committees, multiple incompatible data representations with different kinds of
ambiguity, or ugly API
At 03:55 20/09/2001, Peter Gutmann wrote:
Paul Crowley [EMAIL PROTECTED] writes:
[EMAIL PROTECTED] (Peter Gutmann) writes:
Kevin E. Fu [EMAIL PROTECTED] writes:
But XDR is so BORING compared to a REAL standard like ASN.1!
I can feel this sliding into a specification language debate, but I
:49 AM
Subject: Re: Field slide attacks and how to avoid them.
[EMAIL PROTECTED] (Peter Gutmann) writes:
Kevin E. Fu [EMAIL PROTECTED] writes:
But XDR is so BORING compared to a REAL standard like ASN.1!
I can feel this sliding into a specification language debate, but I
have to put
The problem is that an ambiguous message is signed, making this attack
possible:
(username, expiration) - MAC signature
- --
(Alice, 21-Apr-2001- MAC (Alice21-Apr-2001, key)
(Alice2, 1-Apr-2001- MAC (Alice21-Apr-2001, key)
An adversary
I've been noticing a lot of ways you can mess up a cryptographic
protocol due to the sliding around of fields within a signed or MACed
message. The classic example of this is the old attack on PGP
fingerprints, which let you use some odd keysize, and thus get two
different keys (with different
John Kelsey wrote:
-BEGIN PGP SIGNED MESSAGE-
[ To: Perry's Crypto List ## Date: 09/08/01 07:35 pm ##
Subject: Field slide attacks and how to avoid them. ]
Guys,
I've been noticing a lot of ways you can mess up a cryptographic
protocol due to the sliding around of fields