W3C home > Mailing lists > Public > ietf-tls@w3.org > July to September 1996

Re: Passphrases in or out

From: Steve Petri <petri@litronic.com>
Date: Mon, 05 Aug 1996 13:28:41 -0700
Message-Id: <32065979.F47@litronic.com>
To: ietf-tls@w3.org
> 
> Christopher Allen wrote:
> 
> >f) Some cryptographers to speak up on the proposal.
> 

I have a question for the cryptographers...

The "Shared Key Authentication for the TLS Protocol" paper
states:

==> In fact, even a challenge-response protocol which never
==> reveals the password is vulnerable, if a poorly chosen, guessable
==> password is used; an attacker can obtain the (weakly protected)
==> transcript of the challenge-response protocol, then attempt to guess the
==> password, verifying each guess against the transcript.

Would not this same type of attack be possible against the current
proposal?  It seems to me that if your are not using asymmetric crypto, 
an eavesdropper would have all required info from the transcript of
the session to perform this type of an attack.  That is, it doesn't
matter if the transcript is "weakly protected" or "strongly protected" --
without asym crypto, the attacker has the same info about the session
as the valid participants.

Not being a cryptographer, I apologize if this question is misguided.


Regards, 
Steve Petri					petri@litronic.com
Litronic Industries				(714)545-6649
Received on Monday, 5 August 1996 16:29:17 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:34:50 EDT