Bugtraq mailing list archives
Re: preventing sequence number guessing
From: tdarcos () access digex net (Paul Robinson)
Date: Sun, 29 Jan 1995 20:25:58 -0500 (EST)
On Sun, 29 Jan 1995, David A. Wagner wrote:
Anyone care to do a real-time test? Generate some random strings of varying length, including some one-byte responses, until you have some large number, say, 10000 of these strings. Randomly assign some to one side, so that maybe one side has 1000 outgoing strings and 9000 incoming, then have an MD5 checksum done in which the program generates a checksum for each line, sends it, then after, say, 10 lines, sends a message the other way.
I think you misunderstood my (proposed) use of MD5. MD5 would *not* be invoked for every packet sent -- *only* for SYN packets, i.e. for TCP/IP connection startup. There'd be one invocation of MD5 per new connection request per machine. Furthermore, the input being hashed would only need to be a few bytes -- 8 or 16 is plenty.
So again, what's to keep someone from hijacking the connection again? Comes in, steals the packets on the wire. Substitutes his for the real ones, then sends a "close connection" or "reset" back to the original source. He now has an authenticated connection after it's been authenticated.
I *heard* that there was one bug in the MD5 code printed in the RFC, but I've never tried it myself.
Someone want to check this? If so, it needs to be reported and the RFC needs to be obsoleted and replaced with a new one. Do we have anyone here who has the arithmetic to be able to verify this sort of thing? I can puzzle some things out, but this goes way beyond my mathematical abilities.
There's MD5 code at ripem.msu.edu /pub/crypt/others/md5.zip which I'm pretty certain is good...
Might be worth running tandem verifications of some items and see that they both get the same results, say on a few thousand items.