An extremely trivial observation, but may be useful to some:

>The attack assumes that multiple SSL or TLS connections involve a common
>fixed plaintext block, such as a password.

There's been a discussion about how this affects POP over SSL on a private list. My suggestion was:

-- Snip --

- Don't retry a connection repeatedly if it fails the first time (I guess you don't do that anyway, but some programs like Outlook try automated repeated connects).
- Add random whitespace to the initial messages so the password isn't always at a fixed location (that is, sprinkle extra spaces and tabs and whatnot around in the lines you send up to and including the password).

-- Snip --

This changes the padding on each message containing the password, making the attack rather more difficult, and has the advantage that you don't need to convince the party running the server to update their software. Depending on how much stuff you can send per message, you can vary it by quite a bit. In the POP case the "PASS xxx" would be a single message so you don't have quite that much leeway, but it looks like you can add enough whitespace to make the padding random.

Someone else on the list posted a followup to say he'd tried it on two servers and they had no trouble with the whitespace.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
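The whitespace suggestion from the message above, as an added example that is not part of the original post: a client-side helper that randomizes the whitespace in the POP3 USER and PASS lines and reports how the password offset and CBC padding length move as a result. The function names, the 8-byte block size, the 20-byte record MAC and the minimal-padding rule are assumptions made for illustration, and a server that follows the single-space command syntax strictly may reject the lines or treat the extra whitespace as part of the password.

```python
import secrets

BLOCK = 8     # assumed CBC block size in bytes (e.g. a 64-bit block cipher)
MAC_LEN = 20  # assumed record MAC length in bytes (e.g. HMAC-SHA1)


def random_ws(max_len=BLOCK):
    """Return 1..max_len random spaces/tabs drawn from the OS CSPRNG."""
    n = 1 + secrets.randbelow(max_len)
    return "".join(secrets.choice(" \t") for _ in range(n))


def pop3_login_lines(user, password, max_ws=BLOCK):
    """Build USER/PASS lines with random whitespace between keyword and argument.

    Assumption: the server tolerates the extra whitespace; test against the
    real server before relying on this.
    """
    return [
        f"USER{random_ws(max_ws)}{user}\r\n".encode(),
        f"PASS{random_ws(max_ws)}{password}\r\n".encode(),
    ]


def cbc_layout(record, password):
    """Return (password offset, padding length) for one record.

    Models a record laid out as plaintext || MAC || padding || length byte,
    padded with the minimum number of bytes to a multiple of BLOCK.
    """
    offset = record.index(password.encode(), 4)  # skip the 4-byte keyword
    pad = (-(len(record) + MAC_LEN + 1)) % BLOCK
    return offset, pad


def observed_layouts(password, trials=200):
    """Collect the distinct (offset, padding) pairs seen over many logins."""
    return {cbc_layout(pop3_login_lines("alice", password)[1], password)
            for _ in range(trials)}


if __name__ == "__main__":
    # "alice" and "hunter2" are constructed sample credentials.
    for offset, pad in sorted(observed_layouts("hunter2")):
        print(f"password at byte {offset}, padding length {pad}")
```

With one to eight whitespace characters the padding length can take every value from 0 to 7 under these assumptions, so neither the password's block alignment nor the padding is fixed across connections.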
