From: lyalc@ozemail.com.au (lyal collins)
To: cypherpunks@toad.com
Message Hash: eddc3a5e4583844371206348878de143362ee2218cbc17d897bf3b89be6781f2
Message ID: <199509031145.VAA12843@oznet02.ozemail.com.au>
Reply To: N/A
UTC Datetime: 1995-09-03 11:45:46 UTC
Raw Date: Sun, 3 Sep 95 04:45:46 PDT
From: lyalc@ozemail.com.au (lyal collins)
Date: Sun, 3 Sep 95 04:45:46 PDT
To: cypherpunks@toad.com
Subject: A bold ssl idea ?
Message-ID: <199509031145.VAA12843@oznet02.ozemail.com.au>
MIME-Version: 1.0
Content-Type: text/plain
Having watched the discussions of recent of the SSL bruting, it occured to
me that a variation could also be useful.
I understand that setting up RC4 keys is slower that testing for the correct
key (I may have misuderstood this bit).
As a company using SSL can ahve all it's SSL traffic sniffed, from multiple
people accessing, a log can easily be built of message/keys.
Is it considered practical to modify the brutessl code to have multiple
message data, and test each against a key from allocated key space ?
If so, this may mean that perhaps 3 message can be tested against a single
in the time two single keys could be tested against one message.
An an attack scenario, this is a hell of a lot more "efficient" than current
trials have been. I realise this could also be considered a bit of target
for the main purpose of demonstrating weaknesses, and improving techiquess.
My thoughts, anyway - i hope they make sense.
lyal
Return to September 1995
Return to “Piete Brooks <Piete.Brooks@cl.cam.ac.uk>”