YoVDO

On the Practical - In-Security of 64-bit Block Ciphers - Collision Attacks on HTTP over TLS and OpenVPN

Offered By: Association for Computing Machinery (ACM) via YouTube

Tags

ACM CCS (Computer and Communications Security) Courses Cryptography Courses Network Security Courses Block Ciphers Courses TLS Courses OpenVPN Courses Collision Attacks Courses

Course Description

Overview

Explore the practical insecurity of 64-bit block ciphers in this conference talk presented at CCS 2016. Delve into collision attacks on HTTP over TLS and OpenVPN, examining the vulnerabilities of block ciphers and modes of operation. Understand the birthday paradox and its implications for security. Analyze communication issues and the impact of these vulnerabilities. Learn about a practical attack scenario involving HTTP authentication tokens and the "Beastly Attack." Investigate the use of 3DES in TLS (HTTPS) and the significance of HTTPS session length. Discover potential countermeasures and compare these attacks with RC4 attacks. Gain valuable insights into the security challenges posed by 64-bit block ciphers and their implications for modern cryptographic protocols.

Syllabus

Choosing a cipher
Block ciphers and Modes of operation
Birthday paradox
Security of modes of operation
Communication issues
Outline
Impact
Towards a practical attack
HTTP authentication tokens
Beastly Attack Scenario
3DES use in TLS (HTTPS)
HTTPS session length
Countermeasures
Comparison with RC4 attacks
Conclusion


Taught by

ACM CCS

Related Courses

Certified Ethical Hacker (CEH) - Linux Academy's Prep Course
A Cloud Guru Certified Information Systems Security Professional (CISSP)
A Cloud Guru CompTIA Security+ Certification Prep
A Cloud Guru Encryption Fundamentals
A Cloud Guru LPIC-3 Exam 303: Security
A Cloud Guru