#1 Timing Based attacks on SSL/TLS with CBC encription
Salio ayer este Advisory de SSL:
OpenSSL Security Advisory [19 February 2003]
Timing-based attacks on SSL/TLS with CBC encryption
http://www.openssl.org/news/secadv_20030219.txt
Se basa en este articulo:
Password Interception in a SSL/TLS Channel
by Brice Canvel
http://lasecwww.epfl.ch/memo_ssl.shtml
Las medidas correctivas:
Security of CBC Ciphersuites in SSL/TLS: Problems and Countermeasures
http://www.openssl.org/~bodo/tls-cbc.txt
La noticia salió en Slashdot:
http://slashdot.org/articles/03/02/2...tid=93&tid=172
Salu 2
OpenSSL Security Advisory [19 February 2003]
Timing-based attacks on SSL/TLS with CBC encryption
http://www.openssl.org/news/secadv_20030219.txt
Se basa en este articulo:
Password Interception in a SSL/TLS Channel
by Brice Canvel
http://lasecwww.epfl.ch/memo_ssl.shtml
Las medidas correctivas:
Security of CBC Ciphersuites in SSL/TLS: Problems and Countermeasures
http://www.openssl.org/~bodo/tls-cbc.txt
La noticia salió en Slashdot:
http://slashdot.org/articles/03/02/2...tid=93&tid=172
Salu 2
0
