Skip to content

dnkolegov/tls-what-can-go-wrong

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 

Repository files navigation

TLS - what can go wrong?

Key generation

RSA encryption handshake

RSA signature handshake

ECDSA / DSA handshake

  • Duplicate r (not found in the wild yet)

Static DH/ECDH handshake

Diffie Hellman

ECDHE

Finished message

CBC/HMAC

GCM

Small block size

RC4

Compression

  • CRIME (TLS compression)
  • BREACH (HTTP compression)
  • TIME, HEIST (TCP window trick, Javascript, timing + HTTP compression)

State machine errors

HTTP/HTTPS related

Parsing and validation logic issues

Sidechannels

Others

About

TLS - what can go wrong?

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published