XML signature HMAC truncation authentication bypass

2009-07-17 Thread Leandro Meiners
XML Signature Syntax and Processing (XMLDsig) is a W3C recommendation
for providing integrity, message authentication, and/or signer
authentication services for data. XMLDsig is commonly used by web
services such as SOAP. The XMLDsig recommendation includes support for
HMAC truncation, as specified in RFC2104. However, the XMLDsig
specification does not follow the RFC2104 recommendation to not allow
truncation to less than half of the length of the hash output or less
than 80 bits. When HMAC truncation is under the control of an attacker
this can result in an effective authentication bypass. For example, by
specifying an HMACOutputLength of 1, only one bit of the signature is
verified. This can allow an attacker to forge an XML signature that will
be accepted as valid.
- http://www.kb.cert.org/vuls/id/466161


More information at:
HMAC truncation in XML Signature: When Alice didn't look.
- http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html



-- 
Leandro Federico Meiners

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Traffic Analysis References

2006-10-19 Thread Leandro Meiners
Dear list,

Can anybody point me to any good references regarding traffic analysis?

regards,

Leandro.

--
Leandro Federico Meiners

GnuPG key fingerprint:
7B98 C0F5 42A3 2BEE 44AF
9D19 936F 5957 27DF AE74

GnuPG-Key:
http://pgp.mit.edu:11371/pks/lookup?op=indexsearch=lmeiners%40gmail.comfingerprint=onexact=on
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Any opinions on Kryptor...?

2006-09-08 Thread Leandro Meiners

Dear list,

Has anybody heard about Kryptor? Any opinions?
(Link: http://www.rosiello.org/modules/smartsection/visit.php?fileid=1)

Regards,

Leandro Meiners.-
--
Leandro Federico Meiners

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]