The Community for Technology Leaders
Green Image
Issue No. 01 - January/February (2010 vol. 14)
ISSN: 1089-7801
pp: 84-87
Stephen Farrell , Trinity College Dublin
Recently, a previously unknown, and not particularly complex, man-in-the-middle attack appeared, affecting all versions of the Transport Layer Security (TLS) protocol. TLS and its predecessors have been in widespread use for more than a decade and have been subject to detailed scrutiny from the security community over that period. Because TLS was also developed in a very open environment (the IETF), as is usually recommended by security professionals, the question arises: Why didn't we spot this sooner? In this article, the author outlines the new attack and ponders this question.
man-in-the-middle, TLS, SSL, security protocol development, practical security

S. Farrell, "Why Didn't We Spot That?," in IEEE Internet Computing, vol. 14, no. , pp. 84-87, 2010.
100 ms
(Ver 3.3 (11022016))