I wrote a blog post about our findings in Apple's CommonCrypto (and corecrypto) library https://www.massi.moe/blog/primality-testing-in-apple-core-crypto … with security update now live in macOS Mojave 10.14.1 and iOS 12.1 with @kennyog @martinralbrecht @jurajsomorovsky
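The linked post is about primality testing under adversarial inputs. As an added illustration of the general problem (this is example code written for this page, not code from the blog post, the paper, or Apple's corecrypto, and it makes no claim about what the corecrypto defect actually was), the block below implements Miller-Rabin in Python and shows how a test that uses a small fixed set of bases accepts a carefully chosen composite, while the same test with bases drawn at random rejects it. The value 3215031751 = 151 * 751 * 28351 is the well-known smallest strong pseudoprime to bases 2, 3, 5 and 7 simultaneously; 2047 = 23 * 89 is the smallest strong pseudoprime to base 2. Function names and the 40-round default are my own choices.

```python
"""Miller-Rabin with fixed vs. random bases (added example, not from the original page)."""
import secrets

# Trial division against these only; deliberately stops at 19 so the
# pseudoprimes in the demo (factors 23, 151, ...) reach the Miller-Rabin step.
SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19)


def decompose(n):
    """Write n - 1 as 2**r * d with d odd; return (r, d)."""
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    return r, d


def is_witness(a, n, r, d):
    """True if base a proves n composite; False if n survives this base
    (n is prime, or a is a 'strong liar' for the composite n)."""
    x = pow(a, d, n)
    if x in (1, n - 1):
        return False
    for _ in range(r - 1):
        x = x * x % n
        if x == n - 1:
            return False
    return True


def is_probable_prime(n, rounds=40, bases=None):
    """Miller-Rabin test. With bases=None, `rounds` bases are drawn uniformly
    from [2, n-2] with a CSPRNG; an attacker who cannot predict the bases
    cannot pre-compute a composite that fools them. With an explicit list
    of bases the test is deterministic and therefore forgeable.
    Callers passing their own bases must keep them in [2, n-2]."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n == p:
            return True
        if n % p == 0:
            return False
    # Here n >= 23, so n - 3 > 0 and the random base range is non-empty.
    r, d = decompose(n)
    if bases is None:
        bases = [2 + secrets.randbelow(n - 3) for _ in range(rounds)]
    return not any(is_witness(a, n, r, d) for a in bases)


def demo():
    """Constructed inputs: a composite that passes the fixed bases 2,3,5,7
    but fails once an unpredictable base is used."""
    n = 3215031751  # 151 * 751 * 28351
    return {
        "fixed_2_3_5_7": is_probable_prime(n, bases=[2, 3, 5, 7]),     # True: fooled
        "fixed_plus_11": is_probable_prime(n, bases=[2, 3, 5, 7, 11]),  # False
        "random_40": is_probable_prime(n),                               # False
        "mersenne_61": is_probable_prime(2**61 - 1),                     # True: a real prime
    }


if __name__ == "__main__":
    for label, verdict in demo().items():
        print(f"{label}: {'probable prime' if verdict else 'composite'}")
```

The practical caveat the demo makes concrete: a primality test is only as strong as the unpredictability of its bases (or the number of rounds) when the number being tested is supplied by someone else, for example a DH group parameter or an RSA modulus sent by a peer. Fixed bases or a fixed round count give a bound that holds for random composites, not for adversarially chosen ones.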
I've never implemented TLS-SRP, but I thought it added certificate signatures to the mix precisely for reasons like this? I thought that's what the DSS/RSA ciphersuites in RFC5054 are?
You're right - some but not all of the PAKE ciphersuites in that RFC require server side sigs, but PAKE in general is intended to avoid the need for such elements. Honestly, I've no idea why TLS-SRP does this.
I think of SRP as "an interesting way to use a password to authenticate a channel, and avoid some of the problems of password security" ... like for a SQL connection or something. But then keep using certs to auth the server, prevent spoofing, etc ...