[Cryptography] Because one TLS bug per month is just not enough
Kevin W. Wall
kevin.w.wall at gmail.com
Sun Apr 27 19:57:07 EDT 2014
Matthew Green has a good write-up in his blog at
<http://blog.cryptographyengineering.com/2014/04/attack-of-week-triple-handshakes-3shake.html>
This one appears to affect Apple OS/X and iOS but it
wouldn't surprise me if other implementations have the
same issue. Fortunately according to Green, this will have
much less impact to security than did Heartbleed because
it only affects seldom used use cases of TLS.
-kevin
--
Blog: http://off-the-wall-security.blogspot.com/
NSA: All your crypto bit are belong to us.
More information about the cryptography
mailing list