Swaminathan P wrote:
> I have a question about the use of sequence number as a part of the
> input to the hash function during the MAC calculation. Does that security
> concerns? Would the security aspects of the SSL be affected if the sequence
> number is not used as a part of the input to the hash function for MAC
> calculation?

The sequence number prevents replay attacks. Both sides of the SSL
communication channel keep track of the number of messages received. If
somebody has the ability to inject a record into the SSL stream which is the
same as some other record observed on that stream, the sequence number melted
in a MAC will prevent the SSL machinery from treating this record as a valid one.
--
Lev Walkin
[EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
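
The behaviour described in the reply above, as an added example that is not part of the original thread or of OpenSSL's code: each side keeps an implicit record counter that is fed into the MAC but never sent, so a duplicated record fails verification. It assumes HMAC-SHA256 over `seq || type || length || payload` as a simplification of the real SSL/TLS record MAC, uses a constructed key and payloads, and goes slightly beyond the reply by also checking a record delivered out of order.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-mac-key"  # constructed sample key, not a real secret

def record_mac(key, seq, rtype, payload, bind_seq=True):
    """Simplified record MAC: HMAC over [seq_num] || type || length || payload."""
    header = struct.pack("!BH", rtype, len(payload))
    prefix = struct.pack("!Q", seq) if bind_seq else b""  # 64-bit counter
    return hmac.new(key, prefix + header + payload, hashlib.sha256).digest()

class Sender:
    def __init__(self, key, bind_seq=True):
        self.key, self.seq, self.bind_seq = key, 0, bind_seq

    def seal(self, rtype, payload):
        tag = record_mac(self.key, self.seq, rtype, payload, self.bind_seq)
        self.seq += 1
        return (rtype, payload, tag)  # the sequence number is not on the wire

class Receiver:
    def __init__(self, key, bind_seq=True):
        self.key, self.seq, self.bind_seq = key, 0, bind_seq

    def open(self, record):
        rtype, payload, tag = record
        expected = record_mac(self.key, self.seq, rtype, payload, self.bind_seq)
        if not hmac.compare_digest(tag, expected):
            return None  # MAC failure; a real stack aborts the connection
        self.seq += 1    # only a verified record advances the counter
        return payload

def replay_accepted(bind_seq):
    """Deliver the same record twice; is the second copy accepted?"""
    tx, rx = Sender(KEY, bind_seq), Receiver(KEY, bind_seq)
    rec = tx.seal(23, b"transfer 100 to account 42")  # constructed payload
    assert rx.open(rec) is not None  # first delivery is always valid
    return rx.open(rec) is not None

def reorder_accepted(bind_seq):
    """Deliver the second record first; is it accepted?"""
    tx, rx = Sender(KEY, bind_seq), Receiver(KEY, bind_seq)
    _first, second = tx.seal(23, b"A"), tx.seal(23, b"B")
    return rx.open(second) is not None

if __name__ == "__main__":
    for bind in (True, False):
        print(f"seq in MAC={bind}: replay accepted={replay_accepted(bind)}, "
              f"reorder accepted={reorder_accepted(bind)}")
```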