New HTTPS Bicycle Attack Reveals Details About Passwords, GPS Coordinates

Minimalist · Jan 6, 2016

Dutch security researcher Guido Vranken has published a paper in which he details a new attack method on TLS/SSL-encrypted traffic, one that can potentially allow attackers to extract some information from HTTPS data streams.
Click to expand...

http://news.softpedia.com/news/new-...-about-passwords-gps-coordinates-498488.shtml

Minimalist · Jan 6, 2016

Fatally weak MD5 function torpedoes crypto protections in HTTPS and IPSEC

If you thought MD5 was banished from HTTPS encryption, you'd be wrong. It turns out the fatally weak cryptographic hash function, along with its only slightly stronger SHA1 cousin, are still widely used in the transport layer security protocol that underpins HTTPS. Now, researchers have devised a series of attacks that exploit the weaknesses to break or degrade key protections provided not only by HTTPS but also other encryption protocols, including Internet Protocol Security and secure shell.
Click to expand...

http://arstechnica.com/security/201...pedoes-crypto-protections-in-https-and-ipsec/

Amanda · Jan 9, 2016

Damn. They could at least increase the number of rounds on MD5 and SHA1.

Log in or Sign up

New HTTPS Bicycle Attack Reveals Details About Passwords, GPS Coordinates

Minimalist Registered Member

Minimalist Registered Member

Amanda Registered Member

Log in or Sign up

New HTTPS Bicycle Attack Reveals Details About Passwords, GPS Coordinates

Minimalist Registered Member

Minimalist Registered Member

Amanda Registered Member

Useful Searches