On TV.com: TOP 10 Shows CANCELED Too Soon
BNET Business Network:
BNET
TechRepublic
ZDNet

FREE Registration is required

Overview:

Simple password authentication is often used e.g. from an email software application to a remote IMAP server. This is frequently done in a protected peer-to-peer tunnel, e.g. by SSL/TLS. At Eurocrypt'02, Vaudenay presented vulnerabilities in padding schemes used for block ciphers in CBC mode. He used a side channel, namely error information in the padding verification. This attack was not possible against SSL/TLS due to both unavailability of the side channel (errors are encrypted) and premature abortion of the session in case of errors. This paper extends the attack and optimizes it. The paper shows it is actually applicable against latest and most popular implementations of SSL/TLS (at the time this paper was written) for password interception.

(Is this item miscategorized? Does it need more tags? Let us know.)

Format:PDFSize:162 KB
Date:Jan 2009
Pages:17

Top results from SSL - TLS

Download Accelerating Secure Business Applications Podcast
White Paper 7 Things Every System Administrator Should Know About OpenSSH
White Paper BitLocker: Is It Really Secure?
White Paper Comfortable Remote-Access without Compromises: SSL-VPN in comparison with traditional VPN technologies
White Paper Smart Security Choices for Mobile Workers

» View all SSL - TLS listings

Top results from Security Management

White Paper The Essential Guide: Real-Time High Availability for Exchange - Replicate Exchange Data for Improved Resiliency
Webcast E-Business Suite Spotlight Video
White Paper Practical Approaches for Securing Web Applications across the Software Delivery Lifecycle
Webcast Webcast: Smart Techniques for application security: whitebox + blackbox testing.
White Paper Managing a growing threat: An Executive's Guide to Web Application Security

» View all Security Management listings

advertisement

White Papers, Webcasts, and Resources

Featured Training Courses

advertisement

Meet Doc

  • Here to help you with your Document Management Needs
  • Doc is an enigma. Born to a Russian ballerina and a German electrical engineer, he grew up in various locations in the United States. He’s seen the insides of more brands, versions, and generations of printer and printer-related hardware than almost anyone.
  • To learn more about this mysterious figure check out his blog on ZDNet and his Workspace on TechRepublic. You’ll be glad you did.
  • Produced by
    ZDNet and

Returning users: Log In Here!

Already registered on BNET, TechRepublic, or ZDNet? Simply log in.

Free Membership: Sign Up Now!

Sign up for a free membership today and get instant and unlimited access to one of the largest databases of white papers, webcasts, and casestudies anywhere. Your FREE membership allows you to:

  • Download an unlimited amount of content, including classic and current white papers, case studies, webcasts and more
  • Track content on your chosen topics of interest
  • Receive targeted email alerts when your favorite content is added
  • Save content for future reading
  • Receive our member newsletter

When you register to access this library, you allow us to share your information with companies that produce products or services featured in the library--so that such companies may contact you with information and offers regarding their products and services. This enables us to keep the library a free service. As a library registrant, you will receive a complimentary subscription to the ZDNet white paper newsletter and e-mail Must-Read News Alerts. You can unsubscribe from these at any time. By clicking the Sign up button, you indicate that you agree to our Terms and Conditions and have read and understand our Privacy Policy (updated).