翻訳と辞書
Words near each other
・ Lucky Strike, Alberta
・ Lucky Strike, Belize
・ Lucky Strikes (album)
・ Lucky Summer Lady
・ Lucky tattie
・ Lucky Terror
・ Lucky the Dinosaur
・ Lucky the Man
・ Lucky the Pizza Dog
・ Lucky Them
・ Lucky Thirteen
・ Lucky Thirteen (Bert Jansch album)
・ Lucky Thirteen (House)
・ Lucky Thirteen (Neil Young album)
・ Lucky Thirteen (Vincent album)
Lucky Thirteen attack
・ Lucky Thompson
・ Lucky Thompson Plays Happy Days Are Here Again
・ Lucky Thompson Plays Jerome Kern and No More
・ Lucky Three
・ Lucky to Be a Woman
・ Lucky to be Alive
・ Lucky to Me
・ Lucky Town
・ Lucky TV
・ Lucky Twice
・ Lucky Valley, Iowa
・ Lucky Vanous
・ Lucky Varela
・ Lucky Vatnani


Dictionary Lists
翻訳と辞書 辞書検索 [ 開発暫定版 ]
スポンサード リンク

Lucky Thirteen attack : ウィキペディア英語版
Lucky Thirteen attack
The Lucky Thirteen attack is a cryptographic timing attack against implementations of the Transport Layer Security (TLS) protocol, first reported in February 2013 by its developers Nadhem J. AlFardan and Kenny Paterson of the Information Security Group at Royal Holloway, University of London.
==Attack==
It is a novel variant of Serge Vaudenay's padding oracle attack that had previously thought to have been fixed, that uses a timing side-channel attack against the message authentication code (MAC) check stage in the TLS algorithm to break the algorithm in a way that was not fixed by previous attempts to mitigate Vaudenay's attack.
"In this sense, the attacks do not pose a significant danger to ordinary users of TLS in their current form. However, it is a truism that attacks only get better with time, and we cannot anticipate what improvements to our attacks, or entirely new attacks, may yet be discovered." — Nadhem J. AlFardan and Kenny Paterson〔

The researchers only examined Free Software implementations of TLS and found all examined products to be potentially vulnerable to the attack.
They have tested their attacks successfully against OpenSSL and GnuTLS. Because the researchers applied responsible disclosure and worked with the software vendors,
some software updates to mitigate the attacks were available at the time of publication.〔
Martin R. Albrecht and Paterson have since demonstrated a variant Lucky Thirteen attack against Amazon's s2n TLS implementation, even though s2n includes countermeasures intended to prevent timing attacks.

抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)
ウィキペディアで「Lucky Thirteen attack」の詳細全文を読む



スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.