[Help-gnutls] TLS message length differs
Nikos Mavrogiannopoulos
nmav at gnutls.org
Wed Feb 20 09:45:18 CET 2008
On Feb 20, 2008 9:26 AM, <kristian.martens at freenet.de> wrote:
> Yes, it seems to be related to he FINISHED message, which is the first encrypted message.
> From the debug trace I can see the following difference (245 bytes <> 277 bytes):
This is normal. Encrypted messages in gnutls use a random padding so
their size is never the same.
This will prevent certain guessing attacks against the encrypted data.
For the finished messages it might not be an issue, but when
encrypting a URL or a web page, the size of the encrypted data might
reveal the actual page being transfered.
regards,
Nikos
More information about the Gnutls-help
mailing list