dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
547
share rss forum feed

ke4pym
Premium
join:2004-07-24
Charlotte, NC

More cracks in SSL/TLS/DTLS



no__1__here
Premium
join:2003-10-13
Tomball, TX


norwegian
Premium
join:2005-02-15
Outback
reply to ke4pym
I've missed something - where is this is SSL?
I didn't find in a quick search where this was relative to SSL. Software by OpenSSL and others yes.

The exploit seems again for TLS specifically? This has been a problem of late for TLS, exploiting that is. Or is this because everything before TLS as well is affected?
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke


evoxllx

join:2007-06-07
Winter Park, FL
In regards to the plaintext recovery attack (Lucky 13), all versions of SSL/TLS are affected, assuming the negotiated cipher is being used in CBC mode.


ashrc4
Premium
join:2009-02-06
australia

1 edit
reply to ke4pym
A good all round explanation of how the attack works found here;
»nakedsecurity.sophos.com/2013/02···-attack/