Re: Closing on shared-key authentication

Win Treese wrote:
> I'd like to close on the question of including shared-key
> authentication in TLS. There has been little discussion
> of the latest proposal from Barbara Fox, but I think we
> went over the arguments pretty thoroughly a few weeks
> ago.

Is the latest proposal still vulnerable to this type of attack:

	- Given a server with TLS/passauth and no attack detection
	- Attacker uses dictionary attack against an account, 
	  re-trying the Handshake with a dictionary of 65000 
	  commonly used passphrases

If the user's passphrase exists in the dictionary, then the effective
security seems to be "16 bits" rather than "128 bits".

Steve Petri
Litronic, Inc.

Received on Monday, 7 October 1996 17:08:51 UTC
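
The "no attack detection" condition in the message above can be made concrete. The following is an added example, not part of the original message or of any TLS proposal: a per-account limit on failed shared-key handshakes, with a count of how much of a 65000-entry dictionary a server would evaluate with and without it. The class and function names, the limit of 5 failures per hour, and the pace of one handshake per second are assumptions chosen for illustration.

```python
import math
from collections import defaultdict, deque


def effective_bits(dictionary_size):
    """Work factor, in bits, of trying every entry in the dictionary."""
    return math.log2(dictionary_size)


class HandshakeFailureMonitor:
    """Per-account sliding-window limit on failed shared-key handshakes."""

    def __init__(self, max_failures, window_seconds):
        self.max_failures = max_failures
        self.window_seconds = window_seconds
        self.failures = defaultdict(deque)  # account -> failure timestamps

    def allow(self, account, now):
        """Expire old failures, then say whether another handshake is accepted."""
        recent = self.failures[account]
        while recent and now - recent[0] >= self.window_seconds:
            recent.popleft()
        return len(recent) < self.max_failures

    def record_failure(self, account, now):
        self.failures[account].append(now)


def guesses_evaluated(monitor, account, dictionary_size, duration_seconds):
    """Count the wrong passphrases the server checks when one handshake per
    second arrives for `account` (assumed pace). monitor=None models a
    server with no attack detection."""
    evaluated = 0
    for now in range(duration_seconds):
        if evaluated == dictionary_size:
            break
        if monitor is None or monitor.allow(account, now):
            evaluated += 1
            if monitor is not None:
                monitor.record_failure(account, now)
    return evaluated


if __name__ == "__main__":
    N = 65000  # dictionary size quoted in the message
    limited = HandshakeFailureMonitor(max_failures=5, window_seconds=3600)
    print("effective bits:", round(effective_bits(N), 2))
    print("no detection:", guesses_evaluated(None, "alice", N, N))
    print("5 failures/hour:", guesses_evaluated(limited, "alice", N, N))
```

The limit does not raise the entropy of a dictionary passphrase; it only bounds how many guesses per unit time the server will evaluate for one account.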