Dear ladies and gentlemen,

the RFC 7627 introduces the "Extended master secret" TLS extension to prevent man-in-the-middle attacks.

In section 1 - Introduction - on page three of the RFC, it is stated that "other key exchanges, such as [...] Pre-Shared Key (PSK), have also been shown to be vulnerable [VERIFIED-BINDINGS<https://www.ietf.org/rfc/rfc7627.html#ref-VERIFIED-BINDINGS>]". However, the referenced paper (cf. reference given below) makes no mention of pre-shared keys, but rather states that "channel synchronization attacks apply also to channel bindings for other key exchanges such as [IKEv2, SRP and ECDHE]" [VERIFIED-BINDINGS<https://www.ietf.org/rfc/rfc7627.html#ref-VERIFIED-BINDINGS>].

I would kindly ask you to clarify how I should interpret the statement in the RFC pertaining to the PSK vulnerability? In other words, is the PSK key exchange vulnerable to MiTM attacks as stated, or does the vulnerability arise from a malicious server (MiTM) forcing a client not to use a PSK cipher suite, but rather another key exchange such as SRP or ECDHE?

I appreciate your support.

Thank you and best regards,
Alexander Schlie

[VERIFIED-BINDINGS] Bhargavan, K., Delignat-Lavaud, A., and A. Pironti, "Verified Contributive Channel Bindings for Compound Authentication", Network and Distributed System Security Symposium (NDSS), 2015.

Dr.-Ing. Alexander Schlie
Car Communication Security (ESEC/3)
Volkswagen Aktiengesellschaft
Brieffach 011/17020
38436 Wolfsburg
www.volkswagenag.de