[cryptography] SSL session resumption defective (Re: What project would you finance? [WAS: Potential funding for crypto-related projects])

Adam Back adam at cypherspace.org
Tue Jul 2 11:07:54 EDT 2013

On Tue, Jul 02, 2013 at 11:48:02AM +0100, Ben Laurie wrote:
>On 2 July 2013 11:25, Adam Back <adam at cypherspace.org> wrote:
>> does it provide forward secrecy (via k' = H(k)?).  
>Resumed [SSL] sessions do not give forward secrecy. Sessions should be
>expired regularly, therefore.

That seems like an SSL protocol bug, no?  With the existence of forward
secret ciphersuites, the session resumption cache mechanism itself MUST
exhibit forward secrecy.

Do you think anyone would be interested in fixing that?
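
The k' = H(k) idea raised in the quoted question, as an added sketch that is not part of the original post and is not how SSL session resumption actually works: a resumption cache that overwrites its stored secret with a one-way hash on every resume, so a later cache seizure yields only the ratcheted value. The class and function names are hypothetical, HMAC-SHA256 stands in for H, and both peers are assumed to ratchet in lock step.

```python
import hashlib
import hmac
import os


def prf(key: bytes, label: bytes, data: bytes = b"") -> bytes:
    """HMAC-SHA256 as the one-way function H, with a domain-separation label."""
    return hmac.new(key, label + data, hashlib.sha256).digest()


class RatchetingSessionCache:
    """Hypothetical cache: keeps only the current secret k per session and
    replaces it with k' = H(k) each time the session is resumed."""

    def __init__(self):
        self._secrets = {}  # session_id -> current resumption secret

    def store(self, session_id: bytes, master_secret: bytes) -> None:
        self._secrets[session_id] = master_secret

    def resume(self, session_id: bytes, client_random: bytes,
               server_random: bytes) -> bytes:
        k = self._secrets[session_id]
        # Traffic key for this connection, bound to the fresh randoms.
        traffic_key = prf(k, b"traffic", client_random + server_random)
        # Ratchet forward; the previous k is no longer stored anywhere.
        self._secrets[session_id] = prf(k, b"ratchet")
        return traffic_key

    def dump(self, session_id: bytes) -> bytes:
        """What someone who seizes the cache would obtain."""
        return self._secrets[session_id]


def demo():
    sid, k0 = b"constructed-session-id", bytes(32)  # constructed sample values
    cache = RatchetingSessionCache()
    cache.store(sid, k0)
    randoms = [(os.urandom(32), os.urandom(32)) for _ in range(3)]
    keys = [cache.resume(sid, cr, sr) for cr, sr in randoms]
    stolen = cache.dump(sid)  # cache seized after three resumptions
    # Re-deriving with the seized secret and the recorded randoms does not
    # reproduce the earlier traffic keys: stolen is H(H(H(k0))), not k0.
    replayed = [prf(stolen, b"traffic", cr + sr) for cr, sr in randoms]
    return keys, stolen, replayed
```

The seized secret still derives the keys of every later resumption, so the ratchet protects past connections only; expiring sessions regularly, as the quoted reply says, remains necessary.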


