Filter Blogs expand_more
Blog add
Authors add
4 Results for 'RC4'
Blog

By Bruce Morton

March 19, 2013

The team of Nadhem AlFardan, Dan Bernstein, Kenny Paterson, Bertram Poettering and Jacob Schuldt published an RC4 encryption attack in SSL/TLS. As Matthew Green says, RC4 is old and crummy.
Blog

By Bruce Morton

March 27, 2013

We had the BEAST attack and it was said, “Prioritize RC4 cipher suite.” We had the Lucky Thirteen attack and it was said again, “Prioritize RC4.” We had the AlFBPPS attack and it was said, “RC4 is old and crummy. CBC-mode would be better, if only it wasn’t already attacked by BEAST and Lucky Thirteen.
Blog

By Bruce Morton

September 19, 2013

Watchers of the SSL industry follow SSL protocol attacks such as BEAST, CRIME, Lucky 13 and RC4 closely. They also track the rare certification authority (CA) attacks such as Comodo or DigiNotar. But they don’t seem to spend much time following attacks to the domain name registration system (DNS).
Blog

By Sandra Carielli

October 20, 2016

Researchers have demonstrated several vulnerabilities in MD5. The IETF has prohibited RC4 for use in TLS. More recently, you may have dealt with the impact of SHA-1 being removed as an acceptable algorithm in many standards, including PCI and CAB Forum, according to Entrust Datacard. 
Page 1 of 1