BEAST: An Explanation of the CBC Attack on TLS posted July 2017

I made a video explaining the BEAST attack. As usual it's more of an overview so head over to something like this for more details.

Well done! You've reached the end of my post. Now you can leave a comment or read something else.

Here are some random popular articles:

- Tamarin Prover Introduction
- TLS, Pre-Master Secrets and Master Secrets
- Zero'ing memory, compiler optimizations and memset_s
- Problems that UDP and only UDP has
- Schnorr's Signature and non-interactive Protocols
- Let's Encrypt Overview
- Common x509 certificate validation/creation pitfalls

Here are some random recent articles:

- Cairo's public memory
- Two And A Half Coins #7 - It's time to talk about Ethereum
- A note on the elliptic curve pairing checks in zero-knowledge proofs
- Two And A Half Coins #8 - Consensus protocols, Bitcoin, Fastpay, and Linera with Mathieu Baudet
- What's happening in the round 5 of PlonK?
- I talked about ZK security on the first episode of Node Guardians season 2!
- Zero-knowledge proofs in stateful applications

Comments

Dan

Good explanation! However one slight issue. BEAST doesn't involve a padding oracle. I think you might be thinking of POODLE. A padding oracle is something that takes a ciphertext as input, decrypts it, and if a padding error is encountered reports it back to the person who submitted the ciphertext. Thanks!

david

oh my of course! I need to fix this. Did I say it was a padding oracle in the video itself? I hope I didn't :)

Thanks for pointing this out Dan.

BEAST: An Explanation of the CBC Attack on TLS posted July 2017

Comments

Dan

david

leave a comment...

Subscribe to the mailing list