Closed Bug 868561 Opened 11 years ago Closed 11 years ago

Make sure that RC4 (from now on if it doesn't already) throw away the first 256bytes of output during the key generation

Categories

(NSS :: Libraries, defect)

x86_64
Linux
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: 133794m3r, Unassigned)

References

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:20.0) Gecko/20100101 Firefox/20.0
Build ID: 20130326150557

Steps to reproduce:

Looked through the Firefox source code to try to find how much data is thrown out when RC4 is used for TLS/SSL.


Actual results:

I wasn't able to find it.


Expected results:

It should throw away the first 256 bytes (at minimum) of output from RC4 before it uses the key for encryption/during the session negotiation with the server. If it is already throwing away at least the first 256 bytes then this bug can be closed as it's just an enhancement.
Assignee: nobody → nobody
Component: Untriaged → Libraries
Product: Firefox → NSS
Summary: Make sure that rc4(from now on if it doesn't already) throw away the first 256bytes of output during the key generation → Make sure that RC4 (from now on if it doesn't already) throw away the first 256bytes of output during the key generation
Version: 20 Branch → trunk
We can't do this because the spec doesn't allow it. I will find out what we need to do to open up bug 850478. Also, I will write up something about our plans for dealing with RC4-related drama.
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Depends on: CVE-2013-2566
Resolution: --- → INVALID
(In reply to Brian Smith (:bsmith) from comment #1)
> We can't do this because the spec doesn't allow it. I will find out what we
> need to do to open up bug 850478. Also, I will write up something about our
> plans for dealing with RC4-related drama.

I'm not allowed to view that bug, so I have no idea what that said... I imagine it's something to do with RC4. I only opened this because I remember the drama happening with it; I just figured it'd be good to put this on the road map in case it hadn't already been on there, as I wasn't able to find anything about it.

Also I wasn't aware that the SSL/TLS spec said you can't throw out a certain amount of data from the PRNG for rc4 before you actually use the key. Anyway thanks for saying that you guys are looking into it, I hope that whatever that bug was, it's going to help you guys get ahead of this drama since I swear, it never seems to end.

First it's "don't ever use RC4, it's not strong enough", then it's "use RC4, it's your only hope", now it's "RC4 isn't strong enough anymore." It's like some sort of crazy circle of insanity. I'm looking forward to the writeup, and once again/finally thanks for making me aware that you guys already have a bug for it.
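
Added example, not part of the bug thread and not NSS code: a sketch of why a client cannot discard initial RC4 output on its own, as comment #1 says. A sender that drops 256 keystream bytes produces records that a standard RC4 peer cannot authenticate. The record format here is a simplified MAC-then-encrypt layout (no sequence number or header), and the function names, keys and message are constructed for illustration.

```python
import hashlib
import hmac


def rc4_keystream(key: bytes, length: int, drop: int = 0) -> bytes:
    """RC4 keystream; drop=N discards the first N output bytes (RC4-drop[N])."""
    s = list(range(256))
    j = 0
    for i in range(256):  # key scheduling (KSA)
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for n in range(drop + length):  # output generation (PRGA)
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        if n >= drop:
            out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def rc4_xor(key, data, drop=0):
    ks = rc4_keystream(key, len(data), drop)
    return bytes(a ^ b for a, b in zip(data, ks))


def seal(enc_key, mac_key, plaintext, drop=0):
    """Simplified MAC-then-encrypt record: RC4(plaintext || HMAC-SHA1)."""
    tag = hmac.new(mac_key, plaintext, hashlib.sha1).digest()
    return rc4_xor(enc_key, plaintext + tag, drop)


def open_record(enc_key, mac_key, record, drop=0):
    """Return the plaintext, or None when the MAC does not verify."""
    data = rc4_xor(enc_key, record, drop)
    plaintext, tag = data[:-20], data[-20:]
    expected = hmac.new(mac_key, plaintext, hashlib.sha1).digest()
    return plaintext if hmac.compare_digest(tag, expected) else None


# Constructed sample values, not taken from the bug.
ENC_KEY, MAC_KEY, MESSAGE = b"Key", b"constructed-mac-key", b"Plaintext"

if __name__ == "__main__":
    for sender_drop in (0, 256):
        record = seal(ENC_KEY, MAC_KEY, MESSAGE, drop=sender_drop)
        # The receiver is a standard peer that discards nothing.
        print(sender_drop, open_record(ENC_KEY, MAC_KEY, record))
```

The record only verifies when both ends discard the same number of bytes, which is why the change would have to come from the protocol specification rather than from one implementation.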