Peter Gutmann wrote:
> Tom Ritter <> writes:
>> What's weird is I find confusing literature about what *is* the default for
>> protecting the viewstate.
> I still haven't seen the paper/slides from the talk so it's a bit hard to
> comment on the specifics, but if you're using .NET's FormsAuthenticationTicket
> (for cookie-based auth, not viewstate protection) then you get MAC protection
> built-in, along with other nice features like sliding cookie expiration (the
> cookie expires relative to the last active use of the site rather than an
> absolute time after it was set).  I've used it in the past as an example of
> how to do cookie-based auth right

FYI...I just received confirmation from my company's on-site consultant from
Microsoft that .NET's FormsAuthenticationTicket is also vulnerable to
this padding oracle attack. So apparently Microsoft didn't apply the MAC
protection quite right in their implementation.

Kevin W. Wall
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We cause accidents."        -- Nathaniel Borenstein, co-creator of MIME

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to

Reply via email to