mbedtls/include
Janos Follath 0be55a0549 Remove MBEDTLS_SSL_AEAD_RANDOM_IV feature
In a USENIX WOOT '16 paper the authors warn about a security risk
of random Initialisation Vectors (IV) repeating values.

The MBEDTLS_SSL_AEAD_RANDOM_IV feature is affected by this risk and
it isn't compliant with RFC5116. Furthermore, strictly speaking it
is a different cipher suite from the TLS (RFC5246) point of view.

Removing the MBEDTLS_SSL_AEAD_RANDOM_IV feature to resolve the above
problems.

Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky and Philipp
Jovanovic, "Nonce-Disrespecting Adversaries: Practical Forgery Attacks
on GCM in TLS", USENIX WOOT '16
2016-10-13 10:35:34 +01:00
mbedtls Remove MBEDTLS_SSL_AEAD_RANDOM_IV feature 2016-10-13 10:35:34 +01:00
.gitignore Rename include directory to mbedtls 2015-03-10 11:23:56 +00:00
CMakeLists.txt Fix whitespace in CMakeLists.txt 2015-06-25 10:59:57 +02:00