Nadhem AlFardan and Kenny Paterson of the Information Security Group at Royal Holloway, University of London, announced a new TLS/DTLS attack called Lucky Thirteen. The attack allows a man-in-the-middle attacker to recover plaintext from a TLS/DTLS connection when CBC-mode (cipher-block chaining) encryption is used.
http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
No comments:
Post a Comment