Tag Size Does Matter: Attacks and Proofs for the TLS Record Protocol

  title={Tag Size Does Matter: Attacks and Proofs for the TLS Record Protocol},
  author={Kenneth G. Paterson and Thomas Ristenpart and Thomas Shrimpton},
We analyze the security of the TLS Record Protocol, a MACthen-Encode-then-Encrypt (MEE) scheme whose design targets confidentiality and integrity for application layer communications on the Internet. Our main results are twofold. First, we give a new distinguishing attack against TLS when variable length padding and short (truncated) MACs are used. This combination will arise when standardized TLS 1.2 extensions (RFC 6066) are implemented. Second, we show that when tags are longer, the TLS… CONTINUE READING
Highly Influential
This paper has highly influenced a number of papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 114 citations. REVIEW CITATIONS

5 Figures & Tables



Citations per Year

114 Citations

Semantic Scholar estimates that this publication has 114 citations based on the available data.

See our FAQ for additional information.