Link Details

Link 1119171 thumbnail
User 448255 avatar

By dotCore
via imperialviolet.org
Published: Mar 02 2014 / 01:31

At this time last year, the TLS world was mostly running on RC4-SHA and AES-CBC. The Lucky 13 attack against CBC in TLS had just been published and I had spent most of January writing patches for OpenSSL and NSS to implement constant-time CBC decoding. The RC4 biases paper is still a couple of week away, but it's already clear that both these major TLS cipher suite families are finished and need replacing. (The question of which is worse is complicated.)
  • 8
  • 0
  • 820
  • 1701

Add your comment


Html tags not supported. Reply is editable for 5 minutes. Use [code lang="java|ruby|sql|css|xml"][/code] to post code snippets.

Voters For This Link (8)



Voters Against This Link (0)



    Reactive Programming with Akka
    Written by: Ryan Knight
    Featured Refcardz: Top Refcardz:
    1. Design Patterns
    2. OO JS
    3. Cont. Delivery
    4. Java Performance
    5. HTML5 Mobile
    1. Java Performance
    2. Node.js
    3. Debugging JavaScript
    4. Java
    5. Java Concurrency