Provided by: Association for Computing Machinery
Date Added: Oct 2012
This paper describes a cross-protocol attack on all versions of TLS; it can be seen as an extension of the Wagner and Schneier attack on SSL 3.0. The attack presents valid explicit elliptic curve Diffie-Hellman parameters signed by a server to a client that incorrectly interprets these parameters as valid plain Diffie-Hellman parameters. The authors' attack enables an adversary to successfully impersonate a server to a random client after obtaining 240 signed elliptic curve keys from the original server.