A few attacks
SSL/TLS protocols
Article REF: H5230 V1
A few attacks
SSL/TLS protocols

Author : Cyril TESSEREAU

Publication date: April 10, 2005 | Lire en français

Logo Techniques de l'Ingenieur You do not have access to this resource.
Request your free trial access! Free trial

Already subscribed?

7. A few attacks

While a security protocol aims to counter certain threats to user data (these are known as first-order threats), its mechanisms themselves open the door to new attack possibilities, known as second-order threats. As a result, a protocol can only be considered valid with regard to these two types of attack. Having seen how TLS counters first-order attacks on transactions, the completeness of the analysis now requires us to look at second-order attacks aimed directly at TLS.

Attacks on TLS, as on all protocols in general, fall into three categories. Firstly, there are implementation flaws due to misinterpretation by the developer, defects in the design of an application or poor consideration of security as a whole. Vulnerabilities of this type are linked to a particular application: they appear regularly as implementation flaws are discovered, and are usually promptly...

You do not have access to this resource.
Logo Techniques de l'Ingenieur

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed?

Article included in this offer

"Security of information systems"

( 86 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details
Contact our team FAQ