Show simple item record

dc.contributor.authorFARRELL, STEPHEN
dc.date.accessioned2010-04-21T16:48:00Z
dc.date.available2010-04-21T16:48:00Z
dc.date.issued2010
dc.date.submitted2010en
dc.identifier.citationFarrell, S., Why didn't we spot that?, IEEE Internet Computing, 14, 1, 2010, 84 - 87en
dc.identifier.otherY
dc.identifier.urihttp://hdl.handle.net/2262/39154
dc.descriptionPUBLISHEDen
dc.description.abstractThe Secure Sockets Layer (SSL) protocol and its standards-track successor, the Transport Layer Security (TLS) protocol, were developed more than a decade ago and have generally withstood scrutiny in that the protocols themselves haven't been found to have security flaws. Marsh Ray and Steve Dispensa discovered a design flaw in the TLS protocol that affects all versions of the protocol up to and including the current version.Whereas the vulnerability itself is serious, it need not affect many deployments once administrators apply suitable patches to disable renegotiation, leaving TLS sufficiently secure in most cases because exploiting the vulnerability requires the attacker to be an active man-in-themiddle, redirecting traffic between victims (for example, a browser and a Web server). However, because security problems only ever get worse, a change to the protocol is required. The vulnerability is an interesting attack in itself, but perhaps more interesting is the question, why didn't we see this earlier? In this article, the author explore this question but, unfortunately, can't answer it. Hopefully, simply asking the question might prompt developers to re-examine assumptions they've forgotten they've even made.en
dc.format.extent84 - 87en
dc.language.isoenen
dc.publisherIEEEen
dc.relation.ispartofseriesIEEE Internet Computingen
dc.relation.ispartofseries14en
dc.relation.ispartofseries1en
dc.rightsYen
dc.subjectcryptographic protocolsen
dc.titleWhy didn't we spot that?en
dc.typeJournal Articleen
dc.type.supercollectionscholarly_publicationsen
dc.type.supercollectionrefereed_publicationsen
dc.identifier.peoplefinderurlhttp://people.tcd.ie/sfarrel6
dc.identifier.rssinternalid64059
dc.identifier.rssurihttp://dx.doi.org/10.1109/MIC.2010.21en


Files in this item

Thumbnail
Thumbnail

This item appears in the following Collection(s)

Show simple item record