New TLS encryption-busting attack also impacts the newer TLS 1.3

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
A team of academics has revealed a new cryptographic attack this week that can break encrypted TLS traffic, allowing attackers to intercept and steal data previously considered safe & secure.

This new downgrade attack --which doesn't have a fancy name like most cryptography attacks tend to have-- works even against the latest version of the TLS protocol, TLS 1.3, released last spring and considered to be secure.

The new cryptographic attack isn't new, per-se. It's yet another variation of the original Bleichenbacher oracle attack.

The original attack was named after Swiss cryptographer Daniel Bleichenbacher, who in 1998 demonstrated a first practical attack against systems using RSA encryption in concert with the PKCS#1 v1 encoding function.

Over the years, cryptographers have come up with variations on the original attack, such as in 2003, 2012, 2012, 2014, 2014, 2014, 2015, 2016 (DROWN), 2017 (ROBOT), and 2018.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top