Changes between Version 2 and Version 3 of SWEET32
- Timestamp:
- 08/24/16 09:27:47 (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
SWEET32
v2 v3 1 = OpenVPN and SWEET32 = 2 1 3 Security researchers at INRIA published an attack on 64-bit block ciphers, such as 3DES and Blowfish ^![0]^. They show that they are able to recover plaintext when the same data is sent often enough, and show how they can use cross-site scripting vulnerabilities to send data of interest often enough. This works over HTTPS, but also works for HTTP-over-OpenVPN. See https://sweet32.info/ ^![0]^ for a much better and more elaborate explanation. 2 4