Re: [ietf-smtp] When using TLS, would randomizing the order of the EHLO

Ned Freed wrote:

On every SMTP server in the world, the first 100 to 250 bytes send by
the server after TLS negotiation completes are both constant and known:
they're the EHLO response. So that got me wondering if randomizing the
EHLO response could be helpful in mitigating statistical attacks.

An even simpler thing to do, and which introduces far more variabilityto the

initial server response than reording is to return something like this:

C: EHLO 1.com
S: 250-2.com
S: 250-XRAND p9g8u340prt8u390pr83uyfo983yro937yr9o37yr397h

S: ...

Yep, that would be a lot more effective, with one addition: randomizethe length of that string.

All pending any thoughts on whether this is statistically interesting orjust moving the deck chairs. Even the latter might be useful for puttinga shiny red sticker on the box that says "Now Resists the BEAST!"


(Curse djb for not coming up with a clever name for their attack....)

<csg>
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [ietf-smtp] When using TLS, would randomizing the order of the EHLO response be helpful?, Ned Freed

Next by Date:

Re: [ietf-smtp] When using TLS, would randomizing the order of the EHLO response be helpful?, John C Klensin

Previous by Thread:

Re: [ietf-smtp] When using TLS, would randomizing the order of the EHLO response be helpful?, Ned Freed

Next by Thread:

Re: [ietf-smtp] When using TLS, would randomizing the order of the EHLO response be helpful?, Ned Freed

Indexes:

[Date] [Thread] [Top] [All Lists]