Re: [openssl-users] different encrypted text for the same plain text message

2016-07-30 Thread Dr. Stephen Henson
On Sat, Jul 30, 2016, R-D intern wrote:

> Thank you, Stephen.
> You answered regarding randomness in different sessions if session
> resumption is on. But my question revolves around the same messages within
> the same session. How different encrypted texts are formed of the same
> plaintext between a client-server?
> Is it only the IV changes or the MAC, bulk encryption keys as well?
> 

That has already been answered: only the IV changes. The technique used
depends on the version of TLS/SSL. There is also some additional data put
through the MAC which depends on the record sequence number. So even with the
same application data different data is MACed.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
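
The record-layer behaviour described in the reply above, as an added example that is not part of the original thread and not OpenSSL code: TLS 1.1/1.2 CBC record protection with fixed session keys, a fresh explicit IV per record, and the record sequence number fed into the HMAC. Assumptions: a toy Feistel permutation stands in for AES (the Python standard library has no AES), and the keys and message are constructed.

```python
import hashlib
import hmac
import os
import struct

BLOCK = 16  # AES block size in bytes

def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """4-round Feistel permutation: a stand-in for AES, NOT a real cipher."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    out, prev = b"", iv
    for i in range(0, len(data), BLOCK):
        mixed = bytes(a ^ b for a, b in zip(data[i:i + BLOCK], prev))
        prev = toy_block_encrypt(key, mixed)
        out += prev
    return out

def record_mac(mac_key: bytes, seq: int, fragment: bytes) -> bytes:
    # MAC input: seq_num(8) || type(1) || version(2) || length(2) || fragment
    header = struct.pack("!QBHH", seq, 23, 0x0303, len(fragment))
    return hmac.new(mac_key, header + fragment, hashlib.sha1).digest()

def protect(enc_key, mac_key, seq, fragment, iv=None):
    """Return explicit IV || CBC(fragment || MAC || padding) for one record."""
    iv = os.urandom(BLOCK) if iv is None else iv
    body = fragment + record_mac(mac_key, seq, fragment)
    pad_len = -(len(body) + 1) % BLOCK          # TLS padding, value = pad_len
    body += bytes([pad_len]) * (pad_len + 1)
    return iv + cbc_encrypt(enc_key, iv, body)

# Constructed session keys and application data; they stay fixed for every record.
ENC_KEY, MAC_KEY = b"E" * 16, b"M" * 20
MSG = b"same application data, 32 bytes!"

if __name__ == "__main__":
    for seq in (0, 1):
        print(seq, protect(ENC_KEY, MAC_KEY, seq, MSG).hex())
```

Passing the same `iv` for both records makes the first two ciphertext blocks repeat while the MAC-bearing blocks still differ, which separates the two effects named in the reply.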


Re: [openssl-users] different encrypted text for the same plain text message

2016-07-30 Thread R-D intern
Thank you, Stephen.
You answered regarding randomness in different sessions if session
resumption is on. But my question revolves around the same messages within
the same session. How different encrypted texts are formed of the same
plaintext between a client-server?
Is it only the IV changes or the MAC, bulk encryption keys as well?



--
View this message in context: 
http://openssl.6102.n7.nabble.com/different-encrypted-text-for-the-same-plain-text-message-tp67595p67635.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.


Re: [openssl-users] different encrypted text for the same plain text message

2016-07-29 Thread Dr. Stephen Henson
On Fri, Jul 29, 2016, R-D intern wrote:

> Hello Benjamin,
> Thanks for the reply.
> I know the purpose and benefit of creating different cipher texts of the
> same corresponding plain text. But I would like to know about the places
> where this randomness gets introduced to create different encrypted
> texts. Because SSL handshake takes place only once. After creation of pre
> secret key (for an entire session) at both the client and the server ends,
> master key is created based on pre secret key, identifier label, client and
> server random numbers which is again maintained for an entire session. The
> master key is responsible for creating MAC key, bulk encryption key and IV
> for client-server read-write. If the bulk encryption key (which is
> responsible for encrypting the message) for an entire session is fixed and
> constant, then how is the encrypted text different?

The master key along with client and server random values is used to derive
the session keys. That is the random values from the current session. So if
you resume a session the master key is the same but the random values differ
and so the session keys are different too.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
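
The derivation described in the reply above, as an added example (not OpenSSL code and not part of the original thread): the TLS 1.2 key expansion from RFC 5246, run twice with the same master secret but fresh client and server randoms, as happens on session resumption. It assumes TLS 1.2 with the SHA-256 PRF and AES-128-CBC/HMAC-SHA1 key sizes; the secret and randoms are generated locally for illustration.

```python
import hashlib
import hmac
import os

def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash data expansion from RFC 5246 section 5, with HMAC-SHA256."""
    out, a = b"", seed                       # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

# Key sizes for AES-128-CBC with HMAC-SHA1 (assumed suite parameters).
# No IVs are derived here: TLS 1.1+ CBC sends an explicit IV with each record.
LAYOUT = (("client_mac", 20), ("server_mac", 20),
          ("client_enc", 16), ("server_enc", 16))

def session_keys(master_secret: bytes, client_random: bytes,
                 server_random: bytes) -> dict:
    """key_block = PRF(master_secret, "key expansion", server_random + client_random)"""
    seed = b"key expansion" + server_random + client_random
    block = p_sha256(master_secret, seed, sum(n for _, n in LAYOUT))
    keys, offset = {}, 0
    for name, size in LAYOUT:
        keys[name] = block[offset:offset + size]
        offset += size
    return keys

def resume_demo():
    """Full handshake, then a resumption reusing the cached master secret."""
    master_secret = os.urandom(48)           # cached with the session
    full = session_keys(master_secret, os.urandom(32), os.urandom(32))
    resumed = session_keys(master_secret, os.urandom(32), os.urandom(32))
    return full, resumed

if __name__ == "__main__":
    full, resumed = resume_demo()
    for name in full:
        print(name, full[name].hex(), "->", resumed[name].hex())
```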


Re: [openssl-users] different encrypted text for the same plain text message

2016-07-29 Thread R-D intern
Thank you, Jakob.
I had read that the earlier versions IV logic used to use the last block of
the ciphertext as the IV for the next message and this proved vulnerable
giving way to reflection attacks. But is it only the IV that changes? The
bulk encryption and MAC keys remain constant throughout the entire session,
right?
Regards,
Suman





Re: [openssl-users] different encrypted text for the same plain text message

2016-07-29 Thread Jakob Bohm

On 29/07/2016 09:23, R-D intern wrote:

> Hello Benjamin,
> Thanks for the reply.
> I know the purpose and benefit of creating different cipher texts of the
> same corresponding plain text. But I would like to know about the places
> where this randomness gets introduced to create different encrypted
> texts. Because SSL handshake takes place only once. After creation of pre
> secret key (for an entire session) at both the client and the server ends,
> master key is created based on pre secret key, identifier label, client and
> server random numbers which is again maintained for an entire session. The
> master key is responsible for creating MAC key, bulk encryption key and IV
> for client-server read-write. If the bulk encryption key (which is
> responsible for encrypting the message) for an entire session is fixed and
> constant, then how is the encrypted text different?
> Regards,
> Suman


The IV changes.  The precise method of changing the IV
depends on the TLS version, because the method used in
SSL 3 and TLS 1.0 was not as secure as it should be.

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded



Re: [openssl-users] different encrypted text for the same plain text message

2016-07-29 Thread R-D intern
Hello Benjamin,
Thanks for the reply.
I know the purpose and benefit of creating different cipher texts of the
same corresponding plain text. But I would like to know about the places
where this randomness gets introduced to create different encrypted
texts. Because SSL handshake takes place only once. After creation of pre
secret key (for an entire session) at both the client and the server ends,
master key is created based on pre secret key, identifier label, client and
server random numbers which is again maintained for an entire session. The
master key is responsible for creating MAC key, bulk encryption key and IV
for client-server read-write. If the bulk encryption key (which is
responsible for encrypting the message) for an entire session is fixed and
constant, then how is the encrypted text different?
Regards,
Suman





Re: [openssl-users] different encrypted text for the same plain text message

2016-07-28 Thread Short, Todd
Rich Salz basically told this guy to read Wikipedia about cryptography… :)
--
-Todd Short
// tsh...@akamai.com
// "One if by land, two if by sea, three if by the Internet."

On Jul 28, 2016, at 11:15 AM, Benjamin Kaduk wrote:

> There are several places where a per-connection random input is introduced,
> with a specific goal of making encryptions of the same plaintext produce
> different ciphertexts (as well as other benefits).  If a plaintext always
> produced the same ciphertext, then an attacker could make a dictionary of
> different observed ciphertexts and know when the same plaintext was being
> repeated, which violates the confidentiality property desired from the protocol.
>
> -Ben
>
> On 07/28/2016 06:19 AM, R-D intern wrote:
>
>> Hello,
>> I am using ECDSA-ECDHE-AES-SHA cipher suite for client-server security. I
>> tried understanding the handshake mechanism. What still quizzes me
>> is: communication between a specific client-server for a specific session
>> generates different encrypted text for the same plain text message. What
>> leads to this? Can anybody elaborate?
>> Please reply.
>> Thanks and regards,
>> Suman





Re: [openssl-users] different encrypted text for the same plain text message

2016-07-28 Thread Benjamin Kaduk
There are several places where a per-connection random input is
introduced, with a specific goal of making encryptions of the same
plaintext produce different ciphertexts (as well as other benefits).  If
a plaintext always produced the same ciphertext, then an attacker could
make a dictionary of different observed ciphertexts and know when the
same plaintext was being repeated, which violates the confidentiality
property desired from the protocol.

-Ben

On 07/28/2016 06:19 AM, R-D intern wrote:
> Hello,
> I am using ECDSA-ECDHE-AES-SHA cipher suite for client-server security. I
> tried understanding the handshake mechanism. What still quizzes me
> is: communication between a specific client-server for a specific session
> generates different encrypted text for the same plain text message. What
> leads to this? Can anybody elaborate?
> Please reply.
> Thanks and regards,
> Suman



[openssl-users] different encrypted text for the same plain text message

2016-07-28 Thread R-D intern
Hello,
I am using ECDSA-ECDHE-AES-SHA cipher suite for client-server security. I
tried understanding the handshake mechanism. What still quizzes me
is: communication between a specific client-server for a specific session
generates different encrypted text for the same plain text message. What
leads to this? Can anybody elaborate?
Please reply.
Thanks and regards,
Suman


