Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS)

This RFC 7457 was published in 2015.

Abstract

Over the last few years, there have been several serious attacks on Transport Layer Security (TLS), including attacks on its most commonly used ciphers and modes of operation.
This document summarizes these attacks, with the goal of motivating generic and protocol-specific recommendations on the usage of TLS and Datagram TLS (DTLS).

RFC 7457 introduction

Over the last few years, there have been several major attacks on TLS [RFC5246], including attacks on its most commonly used ciphers and modes of operation.
Details are given in Section 2, but a quick summary is that both AES-CBC and RC4, which together make up for most current usage, have been seriously attacked in the context of TLS.

Download links

Click here to download RFC 7457: TXT format PDF format (coming soon)

Related Request for Comments

Popular RFCs

©2015 RFC-Base.org - all rights reserved.