On Tue, May 02, 2017 at 09:41:00PM -0700, Eric Rescorla wrote: > On Tue, May 2, 2017 at 9:22 PM, Nico Williams <n...@cryptonector.com> wrote: > > > On Tue, May 02, 2017 at 04:41:52PM -0700, Eric Rescorla wrote: > > > On Tue, May 2, 2017 at 4:02 PM, Nico Williams <n...@cryptonector.com> > > wrote: > > > > On Tue, May 02, 2017 at 03:53:48PM -0700, Eric Rescorla wrote: > > > > > It's not XOR. It's addition mod 2^32. That's important because the > > > > > *difference* > > > > > between the ticket replay times is directly observable anyway. > > > > > > > > Computationally there's no real difference between that and XOR. > > > > > > What information do you believe you are gathering here? > > > > I believe the attack described is finding the time of the session's > > establishment. > > Hmm.... Can you walk me through how you think that works?
Well, I hadn't done it myself. I see now though that the attack doesn't work. I would still prefer proper encryption. But this works. Nico -- _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
