[Help-gnutls] TLS message length differs

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed Feb 20 09:45:18 CET 2008

On Feb 20, 2008 9:26 AM,  <kristian.martens at freenet.de> wrote:
> Yes, it seems to be related to he FINISHED message, which is the first encrypted message.
> From the debug trace I can see the following difference (245 bytes <> 277 bytes):

This is normal. Encrypted messages in gnutls use a random padding so
their size is never the same.
This will prevent certain guessing attacks against the encrypted data.
For the finished messages it might not be an issue, but when
encrypting a URL or a web page, the size of the encrypted data might
reveal the actual page being transfered.


More information about the Gnutls-help mailing list