W3C home > Mailing lists > Public > public-html@w3.org > March 2012

Re: Encrypting content stored on untrusted CDNs

From: Kornel Lesiński <kornel@geekhood.net>
Date: Sat, 03 Mar 2012 13:21:50 -0000
To: public-html@w3.org
Message-ID: <op.waljeo2bte2ec8@aimac.local>
On Sat, 03 Mar 2012 01:53:01 -0000, Kornel Lesiński <kornel@geekhood.net>  
wrote:

> I was unable to find info whether AES-CTR gives any integrity assurance  
> at block level. If it doesn't, then an attacker could corrupt selected  
> blocks of the file transferred, and UA wouldn't be able to detect that  
> during decryption. That could allow attacker to corrupt parts of image  
> or video files in attempt to crash the browser.
>
> If that is the case, and random access is needed, then perhaps some kind  
> of hash tree needs to be used as well, e.g. URL specifies top hash and  
> HTTP headers include part of hash tree relevant to the range requested.

...or, alternatively, this could be framed simply as the same risk that  
HTTP has, and the spec should warn authors that despite encryption  
involved, there are no assurances on integrity/authenticity of the content.

-- 
regards, Kornel Lesiński
Received on Saturday, 3 March 2012 13:22:13 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 00:17:46 GMT