diff options
author | lloyd <[email protected]> | 2010-04-09 03:43:48 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2010-04-09 03:43:48 +0000 |
commit | d7e2e9316a5540e93595b5386f67594135de736d (patch) | |
tree | b7b556f5005a8aa0f63cd0abe636cad927ea02ab /src/libstate/policy.cpp | |
parent | 24ec42e6b17e177900b864771f205f2eed8753e5 (diff) |
If the CBC padding is incorrect, then assume the pad size is zero and
carry on with the procedure. This prevents a timing attack where an
attacker could distinguish bad padding vs MAC failure. This timing
channel used in the paper "Password Interception in a SSL/TLS Channel"
by Vaudenay et. al. to attack SSL in certain fairly realistic use
scenarios.
Diffstat (limited to 'src/libstate/policy.cpp')
0 files changed, 0 insertions, 0 deletions