Interception Attacks Against SSL
Page 1 of 1
Interception Attacks Against SSL
Detecting and Defeating Government - Interception Attacks Against SSL
This paper introduces a new attack,the compelled certificate creation attack,in which government agencies compel a certificate authority to issue false SSL certificates that are then used by intelligence agencies to covertly intercept and hijack individuals' secure Web-based communications. We reveal alarming evidence that suggests that this attack is in active use. Finally, we introduce a lightweight browser add-on that detects and thwarts such attacks.
Download PDF
This paper introduces a new attack,the compelled certificate creation attack,in which government agencies compel a certificate authority to issue false SSL certificates that are then used by intelligence agencies to covertly intercept and hijack individuals' secure Web-based communications. We reveal alarming evidence that suggests that this attack is in active use. Finally, we introduce a lightweight browser add-on that detects and thwarts such attacks.
Download PDF
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics
» Zero-Day PowerPoint Attacks Under Way
» Side Channel Attacks in SSL
» Automated SEO poisoning attacks explained
» Protecting Browsers from DNS Rebinding Attacks
» Improving HTTPS Side Channel Attacks
» Side Channel Attacks in SSL
» Automated SEO poisoning attacks explained
» Protecting Browsers from DNS Rebinding Attacks
» Improving HTTPS Side Channel Attacks
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|