W3C home > Mailing lists > Public > ietf-tls@w3.org > July to September 1996

Re: Passphrases in or out

From: Bennet Yee <bsy@cs.ucsd.edu>
Date: Mon, 05 Aug 1996 17:34:46 -0700
Message-Id: <199608060034.RAA01121@work.ucsd.edu>
To: Steve Petri <petri@litronic.com>
cc: ietf-tls@w3.org

> Steve Petri writes:
> 
> So it seems that the client code will come up with a (high entropy) random
> number, and encrypt it with the Server's public key.  Is that correct?

This is the standard RSA server auth key exchange.

> Is there a provision in the proposal to deny service to an account which
> is being dictionary attacked directly, or will this be left up to 
> the implementation?

Protocols only specify the messages sent over the wire.  The
vulnerability to dictionary attacks, unfortunately, is independent of
this -- active on-line attacks, where the server is actually being
probed, -can- be detected by the server implementation, but such an
implementation requirement is outside the scope of a protocol
standard; off-line attacks where protocol messages are eavesdropped
and then used to determine the key in a separate computation, much as
brute-force key searches are done with known-plaintext attacks, are
completely separated from both protocol specifications as well as
implementation specifications.

-bsy

--------
Bennet S. Yee		Phone: +1 619 534 4614	    Email: bsy@cs.ucsd.edu

Web:	http://www-cse.ucsd.edu/users/bsy/
USPS:	Dept of Comp Sci and Eng, 0114, UC San Diego, La Jolla, CA 92093-0114
Received on Monday, 5 August 1996 20:35:00 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:34:51 EDT