TLS design weakness affecting client side authentications

A team of security research discover a weakness in TLS design, quote form their website “A is malicious, it can choose a non-prime group such that the resulting PMS is fully under its control. if a malicious server Amounts a UKS attack to obtain two sessions (one with C and the other with S) that share the same MS, ciphersuite, …

TLS design weakness affecting client side authentications Read More »