The way to C

 

HTTPS protocol sucks


Security scientific study has developed a more practical and feasible attack technique resistant to the RC4 cryptographic algorithm that may be still widespread to encrypt communications on the net.

Despite being early, RC4 (Rivest Cipher 4) is still the most favored cryptographic cipher implemented in lots of popular protocols, including:

 SSL (Secure Socket Layer)
 TLS (Transport Layer Security)
 WEP (Wired Equivalent Privacy)
 WPA (Wi-Fi Protected Access)
 Microsoft�s RDP (Remote Desktop Protocol)
 BitTorrent
 and many more

However, weaknesses inside algorithm have been located in the past, indicating how the RC4 should be wiped from the web. But, yet about 50% of most TLS users are currently protected utilizing the RC4 encryption algorithm.

Now, the matter got worse, when two Belgian security researchers demonstrated a much more practical attack against RC4, allowing an attacker to subsequently expose encrypted information in a much shorter length of time than once was possible.

 HTTPS protocol sucks 

Attack on RC4 with 94% Accuracy

An episode on RC4 demonstrated in 2013 required in excess of 2,000 hours to complete. However, a more successful attack was presented this coming year in March, which focused on password recovery attacks against RC4 in TLS and required about 312 to 776 hours to complete.

Tags

The list of tags is empty.

Contact

httpsprotocolsucks topiliskaya.8a@mail.ru