W3C home > Mailing lists > Public > public-xmlsec@w3.org > August 2011

Re: Proposed text to add to security considerations

From: <Frederick.Hirsch@nokia.com>
Date: Tue, 16 Aug 2011 15:59:40 +0000
To: <hal.lockhart@oracle.com>
CC: <Frederick.Hirsch@nokia.com>, <public-xmlsec@w3.org>
Message-ID: <D7F4D627-1556-4972-9132-8CC0BB99C0BA@nokia.com>
Thanks Hal

I understand the intent of the last sentence but wonder whether rather than "generate alerts" it might be better to say stop processing requests from that origin?

Otherwise I think this is good and I think we should incorporate into XML Encryption 1.1 editors draft.

regards, Frederick

Frederick Hirsch

On Aug 16, 2011, at 11:53 AM, ext Hal Lockhart wrote:

> Here is what I had in mind.
> 6.7 Timing Attacks
> It has been known for some time that it is feasible for an attacker to recover keys or cleartext by repeatedly sending chosen ciphertext and measuring the time required to process different requests with different types of errors. It has been demonstrated that attacks of this type are practical even when communicating over large and busy networks, especially if the receiver is willing to process large blocks of ciphertext. 
> Implementers SHOULD ensure that distinct errors detected during security algorithm processing do not consume systematically different amounts of processing time from each other. Implementers SHOULD consult the technical literature for more details on specific attacks and recommended countermeasures.
> Deployments SHOULD generate alerts when a large number of security algorithm processing errors are detected within a short period of time, especially in messages from the same origin.
> Hal
Received on Tuesday, 16 August 2011 16:00:13 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:42:26 UTC