But if the starting value is random, the number of increments
before overflow or wrap will be random too (and could
hypothetically, but rarely, be as little as 1).
Anyway, I thought TLS records were limited to slightly more than
16K each, so the in-record block counter would not count very far.
On 09/03/2017 16:26, Michael Wojcik wrote:
And there's no reason for it to do so, because it isn't needed. If you
generate one TLS packet every nanosecond, it will take nearly six
centuries to overflow, by which time the version of TLS you're using
will have been deprecated and all security guarantees are moot anyway.
In general, most security experts recommend against keeping a TLS
conversation open for years at a time.
Michael Wojcik
Distinguished Engineer, Micro Focus
*From:*openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] *On
Behalf Of *Salz, Rich via openssl-users
*Sent:* Thursday, March 09, 2017 05:49
*To:* openssl-users@xxxxxxxxxxx
*Subject:* Re: [AES-GCM] TLS packet nounce_explicit
overflow
No, it does not do this automatically.
*if the nounce _explicit overflows or overlaps , then does openssl
code handles it (atleast by initiating renegotiation )?*
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
