Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

On the Practical - In-Security of 64-bit Block Ciphers - Collision Attacks on HTTP over TLS and OpenVPN

Association for Computing Machinery (ACM) via YouTube

Overview

Explore the practical insecurity of 64-bit block ciphers in this conference talk presented at CCS 2016. Delve into collision attacks on HTTP over TLS and OpenVPN, examining the vulnerabilities of block ciphers and modes of operation. Understand the birthday paradox and its implications for security. Analyze communication issues and the impact of these vulnerabilities. Learn about a practical attack scenario involving HTTP authentication tokens and the "Beastly Attack." Investigate the use of 3DES in TLS (HTTPS) and the significance of HTTPS session length. Discover potential countermeasures and compare these attacks with RC4 attacks. Gain valuable insights into the security challenges posed by 64-bit block ciphers and their implications for modern cryptographic protocols.

Syllabus

Choosing a cipher
Block ciphers and Modes of operation
Birthday paradox
Security of modes of operation
Communication issues
Outline
Impact
Towards a practical attack
HTTP authentication tokens
Beastly Attack Scenario
3DES use in TLS (HTTPS)
HTTPS session length
Countermeasures
Comparison with RC4 attacks
Conclusion

Taught by

ACM CCS

Reviews

Start your review of On the Practical - In-Security of 64-bit Block Ciphers - Collision Attacks on HTTP over TLS and OpenVPN

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.