[html5] r7014 - [giow] (0) http+aes: Clarify that the nonce is zero and that thus the key must b [...]
whatwg at whatwg.org
whatwg at whatwg.org
Mon Mar 5 09:55:04 PST 2012
Author: ianh
Date: 2012-03-05 09:55:02 -0800 (Mon, 05 Mar 2012)
New Revision: 7014
Modified:
complete.html
index
source
Log:
[giow] (0) http+aes: Clarify that the nonce is zero and that thus the key must be fresh with each resource.
Affected topics: HTML, Security
Modified: complete.html
===================================================================
--- complete.html 2012-03-05 05:05:15 UTC (rev 7013)
+++ complete.html 2012-03-05 17:55:02 UTC (rev 7014)
@@ -94760,12 +94760,12 @@
<dd>Same as <code title="">http</code>, except that the message
body must be decrypted by applying the AES-CTR algorithm using the
key specified in the URL's <code title="">userinfo</code>
- component, after unescaping it from the URL syntax to bytes. If
- there is no such component, or if that component, when unescaped
- from the URL syntax to bytes, does not consist of exactly 16, 24,
- or 32 bytes, then the user agent must act as if the resource could
- not be obtained due to a network error, and may report the problem
- to the user.</dd>
+ component, after unescaping it from the URL syntax to bytes, and
+ using a zero nonce. If there is no such component, or if that
+ component, when unescaped from the URL syntax to bytes, does not
+ consist of exactly 16, 24, or 32 bytes, then the user agent must
+ act as if the resource could not be obtained due to a network
+ error, and may report the problem to the user.</dd>
<dt>Encoding considerations:</dt>
<dd>Same as <code title="">http</code>, but the <code title="">userinfo</code> component represents bytes encoded using
ASCII and the URL escape mechanism.</dd>
@@ -94811,6 +94811,10 @@
categorised by an attacker watching network traffic or with access
to the system hosting the files without the attacker ever having
to decrypt the "data.json" files.</p>
+ <p>Each resource encrypted in this fashion must use a fresh key.
+ Otherwise, an attacker can use commonalities in the resources'
+ plaintexts to determine the key and decrypt all the resources
+ sharing a key.</p>
<p>The security considerations that apply to <code title="">http</code> apply as well.</p>
</dd>
<!--REMOVE-TOPIC:Security-->
Modified: index
===================================================================
--- index 2012-03-05 05:05:15 UTC (rev 7013)
+++ index 2012-03-05 17:55:02 UTC (rev 7014)
@@ -94760,12 +94760,12 @@
<dd>Same as <code title="">http</code>, except that the message
body must be decrypted by applying the AES-CTR algorithm using the
key specified in the URL's <code title="">userinfo</code>
- component, after unescaping it from the URL syntax to bytes. If
- there is no such component, or if that component, when unescaped
- from the URL syntax to bytes, does not consist of exactly 16, 24,
- or 32 bytes, then the user agent must act as if the resource could
- not be obtained due to a network error, and may report the problem
- to the user.</dd>
+ component, after unescaping it from the URL syntax to bytes, and
+ using a zero nonce. If there is no such component, or if that
+ component, when unescaped from the URL syntax to bytes, does not
+ consist of exactly 16, 24, or 32 bytes, then the user agent must
+ act as if the resource could not be obtained due to a network
+ error, and may report the problem to the user.</dd>
<dt>Encoding considerations:</dt>
<dd>Same as <code title="">http</code>, but the <code title="">userinfo</code> component represents bytes encoded using
ASCII and the URL escape mechanism.</dd>
@@ -94811,6 +94811,10 @@
categorised by an attacker watching network traffic or with access
to the system hosting the files without the attacker ever having
to decrypt the "data.json" files.</p>
+ <p>Each resource encrypted in this fashion must use a fresh key.
+ Otherwise, an attacker can use commonalities in the resources'
+ plaintexts to determine the key and decrypt all the resources
+ sharing a key.</p>
<p>The security considerations that apply to <code title="">http</code> apply as well.</p>
</dd>
<!--REMOVE-TOPIC:Security-->
Modified: source
===================================================================
--- source 2012-03-05 05:05:15 UTC (rev 7013)
+++ source 2012-03-05 17:55:02 UTC (rev 7014)
@@ -110632,12 +110632,12 @@
<dd>Same as <code title="">http</code>, except that the message
body must be decrypted by applying the AES-CTR algorithm using the
key specified in the URL's <code title="">userinfo</code>
- component, after unescaping it from the URL syntax to bytes. If
- there is no such component, or if that component, when unescaped
- from the URL syntax to bytes, does not consist of exactly 16, 24,
- or 32 bytes, then the user agent must act as if the resource could
- not be obtained due to a network error, and may report the problem
- to the user.</dd>
+ component, after unescaping it from the URL syntax to bytes, and
+ using a zero nonce. If there is no such component, or if that
+ component, when unescaped from the URL syntax to bytes, does not
+ consist of exactly 16, 24, or 32 bytes, then the user agent must
+ act as if the resource could not be obtained due to a network
+ error, and may report the problem to the user.</dd>
<dt>Encoding considerations:</dt>
<dd>Same as <code title="">http</code>, but the <code
title="">userinfo</code> component represents bytes encoded using
@@ -110684,6 +110684,10 @@
categorised by an attacker watching network traffic or with access
to the system hosting the files without the attacker ever having
to decrypt the "data.json" files.</p>
+ <p>Each resource encrypted in this fashion must use a fresh key.
+ Otherwise, an attacker can use commonalities in the resources'
+ plaintexts to determine the key and decrypt all the resources
+ sharing a key.</p>
<p>The security considerations that apply to <code
title="">http</code> apply as well.</p>
</dd>
More information about the Commit-Watchers
mailing list