| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20110417161505.2F0C.0@paddy.troja.mff.cuni.cz> Date: Sun, 17 Apr 2011 16:32:18 +0200 (CEST) From: Pavel Kankovsky <peak@...o.troja.mff.cuni.cz> To: full-disclosure@...ts.grok.org.uk Subject: Re: how would browser vendors deal with $O(10^k)$ fake certs? On Wed, 13 Apr 2011, Marsh Ray wrote: > Only in cases where the element is found though, the last bit only needs > to be checked if all the preceding bits matched. In the normal > (non-attack) case the "s3r34l number" isn't found. It depends on whether one talks about the worst-case complexity or about the average-case complexity. Anyway, there is much more computation beyond the mere blacklist search: it is necessary to receive the certificate from the network (all bits must be read on order to complete the handshake) and to verify its digital signature (all bits must be hashed) or to find it in some kind of cache of verified certs (a positive result is needed here, therefore all bits must be checked and match). -- Pavel Kankovsky aka Peak / Jeremiah 9:21 \ "For death is come up into our MS Windows(tm)..." \ 21st century edition / _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists