bug#31946: 27.0.50; The NSM should warn about more TLS problems
From: Noam Postavsky
Subject: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Wed, 27 Jun 2018 20:14:42 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
Jimmy Yuen Ho Wong <wyuenho@gmail.com> writes:
> Tidbit: The GnuTLS basically ignored a group of Adobe researchers when they
> reported to them GnuTLS was susceptible to the small group
> attack[7]...
> [7]: https://eprint.iacr.org/2016/995.pdf
I guess the report is here (the reporter, Luke Valenta, is the first
author of the paper): https://gitlab.com/gnutls/gnutls/issues/104
The paper just says "didn't patch", but looking in the details of the
report, Luke says:
    From a client's perspective, the TLS protocol limitation does
    prevent "q" from being specified. However, since a server knows the
    value of "q", it should perform proper subgroup validation checks
    as a precaution against small subgroup attacks[...]

    I agree that since the server does not reuse ephemeral DH keys, it
    is not currently vulnerable to a small subgroup attack.
So, the client side can't be patched, and the server side doesn't really
need to be patched (just leave the "reuse ephemeral key" option turned
off).
Furthermore, it seems gnutls has added support for standardized primes,
so that pretty much resolves the issue as much as it can be:
https://gitlab.com/gnutls/gnutls/merge_requests/437
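The "proper subgroup validation check" Luke's report asks the server to perform is small enough to show in full. The block below is an added example, not code from this thread or from GnuTLS; it uses tiny constructed parameters (p = 23, q = 11, which is a safe prime p = 2q + 1 like the standardized RFC 7919 groups) so the subgroup orders can be inspected by hand. The function and variable names are my own.

```python
"""Subgroup validation for a finite-field Diffie-Hellman public value.

Added example (not from bug#31946 or GnuTLS).  A server that knows the
prime order q of the intended subgroup can reject a peer public value y
that does not lie in that subgroup.  This is the check that matters most
when a DH private key is reused across handshakes; with fresh ephemeral
keys each time (GnuTLS's default, per the thread) the exposure is small,
but the check is cheap and removes the assumption entirely.
"""

# Constructed toy parameters: NOT secure, for demonstration only.
TOY_P = 23   # safe prime: 23 = 2 * 11 + 1
TOY_Q = 11   # prime order of the large subgroup
TOY_G = 4    # 4 = 2^2 mod 23 is a quadratic residue, so it has order q


def subgroup_order_of_safe_prime(p: int) -> int:
    """For a safe prime p = 2q + 1 (e.g. the RFC 7919 ffdhe groups), return q."""
    return (p - 1) // 2


def validate_dh_public(y: int, p: int, q: int) -> bool:
    """Return True iff y is an acceptable peer public value.

    1. 1 < y < p - 1   rejects 0, 1, p - 1 and out-of-range values; p - 1
                       has order 2, and 0/1 collapse the shared secret.
    2. y^q mod p == 1  rejects any element outside the order-q subgroup,
                       which is exactly what a small subgroup attack relies on.
    """
    if not (1 < y < p - 1):
        return False
    return pow(y, q, p) == 1


def element_order(y: int, p: int) -> int:
    """Brute-force multiplicative order of y mod p (only sane for toy p).

    Used here to show why the check above rejects what it rejects: an element
    of order 2 confines the shared secret to two possible values.
    """
    if not (0 < y < p):
        raise ValueError("y must be in 1..p-1")
    acc = 1
    for k in range(1, p):
        acc = (acc * y) % p
        if acc == 1:
            return k
    raise ValueError("p is not prime or y is 0 mod p")


def validate_against_safe_prime(y: int, p: int) -> bool:
    """Convenience wrapper for safe-prime groups where q is derived from p."""
    return validate_dh_public(y, p, subgroup_order_of_safe_prime(p))


if __name__ == "__main__":
    # Constructed sample peer values, with the order of each printed so the
    # reason for accept/reject is visible.
    for y in (0, 1, 2, 4, 5, 16, 22, 23):
        ok = validate_dh_public(y, TOY_P, TOY_Q)
        order = element_order(y, TOY_P) if 0 < y < TOY_P else None
        print(f"y={y:2d} order={order} accepted={ok}")
```

Running it prints one line per sample value: 2, 4 and 16 (order 11) are accepted, while 5 (order 22, the full group) and 22 (order 2) are rejected along with the out-of-range values 0, 1 and 23.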