Re: alleged attack on TLS

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: alleged attack on TLS

From:	Chris Palmer
Subject:	Re: alleged attack on TLS
Date:	Wed, 21 Sep 2011 10:43:31 -0700

On Wed, Sep 21, 2011 at 1:19 AM, Nikos Mavrogiannopoulos
<address@hidden> wrote:

> From information gathered here
> and there it seems the attack is a variation or an implementation of
> the Bard attack [0].

The BEAST developers say that they were inspired by Dai, not Bard. FWIW.

> If you are using GnuTLS and want to prevent such
> attacks you can do the following:
> * Make sure that TLS 1.1 or TLS 1.2 are not disabled (gnutls enables
> them by default, but because of compatibility issues with broken peers
> they are often disabled)

You can also use a non-CBC cipher suite, like RC4.


-- 
"These days, though, you have to be pretty technical before you can
even aspire to crudeness." — William Gibson

[Prev in Thread]

Current Thread

[Next in Thread]

alleged attack on TLS, Nikos Mavrogiannopoulos, 2011/09/21
- Re: alleged attack on TLS, Chris Palmer <=
  - Re: alleged attack on TLS, Nikos Mavrogiannopoulos, 2011/09/21
    - Re: alleged attack on TLS, Chris Palmer, 2011/09/21

Prev by Date: Re: gnutls 3.0.3
Next by Date: Re: alleged attack on TLS
Previous by thread: alleged attack on TLS
Next by thread: Re: alleged attack on TLS
Index(es):
- Date
- Thread