[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: alleged attack on TLS
From: |
Chris Palmer |
Subject: |
Re: alleged attack on TLS |
Date: |
Wed, 21 Sep 2011 10:43:31 -0700 |
On Wed, Sep 21, 2011 at 1:19 AM, Nikos Mavrogiannopoulos
<address@hidden> wrote:
> From information gathered here
> and there it seems the attack is a variation or an implementation of
> the Bard attack [0].
The BEAST developers say that they were inspired by Dai, not Bard. FWIW.
> If you are using GnuTLS and want to prevent such
> attacks you can do the following:
> * Make sure that TLS 1.1 or TLS 1.2 are not disabled (gnutls enables
> them by default, but because of compatibility issues with broken peers
> they are often disabled)
You can also use a non-CBC cipher suite, like RC4.
--
"These days, though, you have to be pretty technical before you can
even aspire to crudeness." — William Gibson