The attacker model of the Lucky13 attack in TLS
Clash Royale CLAN TAG#URR8PPP
up vote
2
down vote
favorite
Lucky13 is a timing attack against the MAC in the CBC MAC-then-encrypt ciphersuites. In the attack's page:
The attacks involve detecting small differences in the time at which
TLS error messages appear on the network in response to
attacker-generated ciphertexts.
My question is: Can a passive adversary perform Lucky13? In other words, I need to know if Lucky13 attacker's model is active MitM or passive network attacker who just collect traffic and perform analysis afterwards?
tls cbc openssl cbc-mac timing-attack
add a comment |Â
up vote
2
down vote
favorite
Lucky13 is a timing attack against the MAC in the CBC MAC-then-encrypt ciphersuites. In the attack's page:
The attacks involve detecting small differences in the time at which
TLS error messages appear on the network in response to
attacker-generated ciphertexts.
My question is: Can a passive adversary perform Lucky13? In other words, I need to know if Lucky13 attacker's model is active MitM or passive network attacker who just collect traffic and perform analysis afterwards?
tls cbc openssl cbc-mac timing-attack
add a comment |Â
up vote
2
down vote
favorite
up vote
2
down vote
favorite
Lucky13 is a timing attack against the MAC in the CBC MAC-then-encrypt ciphersuites. In the attack's page:
The attacks involve detecting small differences in the time at which
TLS error messages appear on the network in response to
attacker-generated ciphertexts.
My question is: Can a passive adversary perform Lucky13? In other words, I need to know if Lucky13 attacker's model is active MitM or passive network attacker who just collect traffic and perform analysis afterwards?
tls cbc openssl cbc-mac timing-attack
Lucky13 is a timing attack against the MAC in the CBC MAC-then-encrypt ciphersuites. In the attack's page:
The attacks involve detecting small differences in the time at which
TLS error messages appear on the network in response to
attacker-generated ciphertexts.
My question is: Can a passive adversary perform Lucky13? In other words, I need to know if Lucky13 attacker's model is active MitM or passive network attacker who just collect traffic and perform analysis afterwards?
tls cbc openssl cbc-mac timing-attack
tls cbc openssl cbc-mac timing-attack
edited 2 hours ago
asked 2 hours ago
user9371654
1623
1623
add a comment |Â
add a comment |Â
2 Answers
2
active
oldest
votes
up vote
1
down vote
The Lucky13 article on Our Results;
... attacks can be mounted by a standard man-in-the-middle (MITM) attacker who sees only ciphertext and can inject ciphertexts of his own composition into the network.
on the discussion;
We reiterate that the attacks are ciphertext-only, and so can be carried out by the standard MITM attacker, without a chosen-plaintext capability.
add a comment |Â
up vote
1
down vote
Can a passive adversary perform Lucky13?
No. The attacker must have the capability to inject chosen ciphertexts into the stream. A passive adversary (who listens into the encrypted traffic but cannot modify it) cannot do this.
add a comment |Â
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
The Lucky13 article on Our Results;
... attacks can be mounted by a standard man-in-the-middle (MITM) attacker who sees only ciphertext and can inject ciphertexts of his own composition into the network.
on the discussion;
We reiterate that the attacks are ciphertext-only, and so can be carried out by the standard MITM attacker, without a chosen-plaintext capability.
add a comment |Â
up vote
1
down vote
The Lucky13 article on Our Results;
... attacks can be mounted by a standard man-in-the-middle (MITM) attacker who sees only ciphertext and can inject ciphertexts of his own composition into the network.
on the discussion;
We reiterate that the attacks are ciphertext-only, and so can be carried out by the standard MITM attacker, without a chosen-plaintext capability.
add a comment |Â
up vote
1
down vote
up vote
1
down vote
The Lucky13 article on Our Results;
... attacks can be mounted by a standard man-in-the-middle (MITM) attacker who sees only ciphertext and can inject ciphertexts of his own composition into the network.
on the discussion;
We reiterate that the attacks are ciphertext-only, and so can be carried out by the standard MITM attacker, without a chosen-plaintext capability.
The Lucky13 article on Our Results;
... attacks can be mounted by a standard man-in-the-middle (MITM) attacker who sees only ciphertext and can inject ciphertexts of his own composition into the network.
on the discussion;
We reiterate that the attacks are ciphertext-only, and so can be carried out by the standard MITM attacker, without a chosen-plaintext capability.
answered 1 hour ago
kelalaka
1,864419
1,864419
add a comment |Â
add a comment |Â
up vote
1
down vote
Can a passive adversary perform Lucky13?
No. The attacker must have the capability to inject chosen ciphertexts into the stream. A passive adversary (who listens into the encrypted traffic but cannot modify it) cannot do this.
add a comment |Â
up vote
1
down vote
Can a passive adversary perform Lucky13?
No. The attacker must have the capability to inject chosen ciphertexts into the stream. A passive adversary (who listens into the encrypted traffic but cannot modify it) cannot do this.
add a comment |Â
up vote
1
down vote
up vote
1
down vote
Can a passive adversary perform Lucky13?
No. The attacker must have the capability to inject chosen ciphertexts into the stream. A passive adversary (who listens into the encrypted traffic but cannot modify it) cannot do this.
Can a passive adversary perform Lucky13?
No. The attacker must have the capability to inject chosen ciphertexts into the stream. A passive adversary (who listens into the encrypted traffic but cannot modify it) cannot do this.
answered 54 mins ago
poncho
87.5k2130223
87.5k2130223
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f63524%2fthe-attacker-model-of-the-lucky13-attack-in-tls%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password