From: jsw@neon.netscape.com (Jeff Weinstein)
To: cypherpunks@toad.com
Message Hash: b1b68385be76aa030763fd18ee947513670939563296ac90ececde6451180343
Message ID: <42d9lh$mjf@tera.mcom.com>
Reply To: <199509031145.VAA12843@oznet02.ozemail.com.au>
UTC Datetime: 1995-09-03 22:20:24 UTC
Raw Date: Sun, 3 Sep 95 15:20:24 PDT
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Sun, 3 Sep 95 15:20:24 PDT
To: cypherpunks@toad.com
Subject: Re: A bold ssl idea ?
In-Reply-To: <199509031145.VAA12843@oznet02.ozemail.com.au>
Message-ID: <42d9lh$mjf@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain
In article <199509031145.VAA12843@oznet02.ozemail.com.au>, lyalc@ozemail.com.au (lyal collins) writes:
> Having watched the discussions of recent of the SSL bruting, it occured to
> me that a variation could also be useful.
> I understand that setting up RC4 keys is slower that testing for the correct
> key (I may have misuderstood this bit).
> As a company using SSL can ahve all it's SSL traffic sniffed, from multiple
> people accessing, a log can easily be built of message/keys.
> Is it considered practical to modify the brutessl code to have multiple
> message data, and test each against a key from allocated key space ?
> If so, this may mean that perhaps 3 message can be tested against a single
> in the time two single keys could be tested against one message.
> An an attack scenario, this is a hell of a lot more "efficient" than current
> trials have been. I realise this could also be considered a bit of target
> for the main purpose of demonstrating weaknesses, and improving techiquess.
This technique has been discussed before. It will not work because
the 40-bit export version of SSL actually uses 128 bit keys, with 88 of
the bits transfered in the clear. The extra 88-bits act as a "salt" to
the key. This defeats attempts to do a single key space search for
multiple messages.
--Jeff
--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
Return to September 1995
Return to “Piete Brooks <Piete.Brooks@cl.cam.ac.uk>”