Cryptographers Demonstrate New Crack For Common Web Encryption
It’s long been known that one of the oldest and most widely used standards for encrypting web sites has some serious weaknesses. But one group of researchers has found a method that downgrades that security scheme from vaguely flawed to demonstrably breakable.
At the Fast Software Encryption conference in Singapore earlier this week, University of Illinois at Chicago Professor Dan Bernstein presented a method for breaking Transport Layer Security, (TLS) as well as its predecessor, Secure Sockets Layer or SSL. (Slides here.) Specifically, Bernstein showed serious cracks in TLS and SSL when they’re combined with another encryption scheme known as RC4, a system invented in 1987 that remains one of the most popular and most widely recommended mechanisms for protecting traffic on banking, email, and other private sites.
- Thu, 2013-02-21 20:10
- Tue, 2013-02-19 07:19
- Mon, 2013-02-11 06:27