What secret key? The private PKI key (e.g. an RSA key) or
the session symmetric key shared by both parties?

The first one is just used during the handshake for
authentication and key exchange purposes. All data packets
are encrypted with the session symmetric key. But as I said
previously, you also need to know information about the cipher
used (alg id, parameters, ...). It is at the handshake phase that
the cipher spec is decided.

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Martin Hallerdal
> Sent: Wednesday, June 16, 1999 8:48 AM
> To: '[EMAIL PROTECTED]'
> Subject: RE: advice needed
> 
> 
> So according to you, knowing just the secret key of the server wouldn't be
> sufficient to decrypt the data without using brute force?
> 
> > -----Original Message-----
> > From:       Bodo Moeller [SMTP:[EMAIL PROTECTED]]
> > Sent:       Tuesday, June 15, 1999 5:46 PM
> > To: [EMAIL PROTECTED]
> > Subject:    Re: advice needed
> > 
> > On Tue, Jun 15, 1999 at 04:54:40PM +0200, Pierre De Boeck wrote:
> > 
> > > I think your concept of SSL/TLS sniffer is not realistic
> > > in a general way, for the following reasons:
> > > 
> > >   - the packets transmitted between a client and a server have submitted
> > >     a set of "transformations" (fragmentation, compression(optional)+
> > >     encryption(optional)+"MACed")
> > >   - to recover the original payload, you must, among other things, know
> > >           - the compression alg/param used if any
> > >           - the cipher alg.param used (e.g. RC2-CBC-40 with a specific IV)+
> > >             the secret key
> > > 
> > > That information is shared by the two parties but obviously not transported
> > > in the packets.
> > 
> > Of course it's not trivial to read the encrypted payload data, but the
> > algorithm identifiers are transmitted in clear; so the attacker can
> > tell which connections use only 40-bit encryption keys, and -- if
> > enough computing power can be put into this -- can do key-searches for
> > those and then decrypt them.
> > ______________________________________________________________________
> > OpenSSL Project                                 http://www.openssl.org
> > Development Mailing List                       [EMAIL PROTECTED]
> > Automated List Manager                           [EMAIL PROTECTED]
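
The point made in the thread, that the algorithm identifiers are transmitted in clear during the handshake, is what lets a monitoring sensor audit negotiated cipher strength without any key. The following is an added example, not part of the original thread and not OpenSSL code: it parses an unencrypted SSLv3/TLS 1.0 ServerHello record and reports whether a 40-bit export suite (ids from RFC 2246) was selected. The function names and the sample record are constructed for illustration.

```python
import struct

# 40-bit "export" suites from RFC 2246 (subset); the id travels unencrypted.
EXPORT_40BIT = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x0014: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def parse_server_hello(record: bytes) -> dict:
    """Parse one unencrypted SSLv3/TLS 1.0 record carrying a ServerHello."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    ctype, _rec_ver, rec_len = struct.unpack("!BHH", record[:5])
    if ctype != 22:                       # 22 = handshake content type
        raise ValueError("not a handshake record")
    body = record[5:5 + rec_len]
    if len(body) != rec_len or rec_len < 4:
        raise ValueError("truncated record")
    if body[0] != 2:                      # 2 = ServerHello message type
        raise ValueError("not a ServerHello")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    # Fixed prefix: server_version(2) + random(32) + session_id_len(1)
    if len(hello) != hs_len or hs_len < 35:
        raise ValueError("truncated ServerHello")
    off = 35 + hello[34]                  # skip the variable-length session id
    if len(hello) < off + 3:
        raise ValueError("truncated ServerHello")
    suite, compression = struct.unpack("!HB", hello[off:off + 3])
    return {"version": (hello[0], hello[1]), "cipher_suite": suite,
            "compression": compression,
            "export_40bit": EXPORT_40BIT.get(suite)}

def build_sample(suite: int) -> bytes:
    """Constructed ServerHello for the demo (zero random, empty session id)."""
    hello = bytes([3, 1]) + bytes(32) + b"\x00" + struct.pack("!HB", suite, 0)
    hs = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return struct.pack("!BHH", 22, 0x0301, len(hs)) + hs

if __name__ == "__main__":
    for s in (0x0006, 0x000A):            # RC2-CBC-40 export vs. 3DES
        print(hex(s), parse_server_hello(build_sample(s))["export_40bit"])
```

A sensor that sees a non-empty `export_40bit` value knows the session key space is only 40 bits, which is the condition the thread identifies as open to key search; the remedy is to disable export suites on the server.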
