Highest Voted 'tls-downgrade' Questions - IT Security Stack Exchange

19

votes

3 answers

Should I use SSL/TLS renegotiation?

Should I use SSL/TLS renegotiation? In other words: does SSL/TLS renegotiation enhance or weaken the security?

asked Nov 27 '12 at 07:31

Jim

341
1
2
5

11

votes

1 answer

Is TLS_FALLBACK_SCSV useless if only TLS (1.0, 1.1, 1.2) is supported?

Ssllabs does not give A+ (highest) rating if the server does not support TLS_FALLBACK_SCSV to prevent downgrade attack. But I am wondering, is it really any useful if the server legitimately provide support only for 3 latest versions of TLS? So…

tls tls-downgrade

asked Feb 02 '16 at 15:00

Ilya Chernomordik

2,197
1
21
36

4

votes

2 answers

What happens if STARTTLS dropped in SMTP?

SMTP uses STARTTLS extension to upgrade SMTP to SMTP Secure (STMPS). According the the RFC, the client and server starts TLS as follows: S: C: S: 220 mail.imc.org SMTP service ready …

tls man-in-the-middle smtp tls-downgrade starttls

asked Sep 07 '17 at 18:23

user6875880

167
1
3

3

votes

1 answer

Why is TLS1.2 wrapped in TLS1.3?

I was just curious about TLS1.3 which Cloudflare is one of the companies leading the implementation. I then visited blog.cloudflare.com and turned on my Wireshark. I am not 100% clear about all technical details of TLS1.3, but one of the new…

tls tls-downgrade cloudflare

asked Jan 18 '19 at 00:18

匿名柴棍

303
1
7

3

votes

1 answer

Security implications of a missing SCSV, but with only TLS 1.2 allowed

Similar to this security stackexchange question, I was wondering if there's any downside, considering the services/servers security, if only TLS 1.2 allowed, but TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade…

tls webserver web-service tls-downgrade

asked Jun 09 '17 at 12:22

Breakfast Serial

85
1
1
6

2

votes

1 answer

What is extension intolerance in the context of TLS?

SSL Labs checks for TLS version intolerance and TLS extension intolerance. I've seen another answer on this site that covers version intolerance, but what does extension intolerance mean, specifically, in this context? The most information I could…

tls vulnerability-scanners protocols tls-downgrade

asked Feb 07 '20 at 16:20

Polynomial

132,208
43
298
379

2

votes

2 answers

TLS downgrade attacks

I'm currently looking at e-mail security and wondered whether server to server e-mail communication that enforces TLS, will prevent the risk of TLS downgrade attacks?

tls email tls-downgrade

asked Mar 20 '19 at 16:04

Chri3

327
1
11

2

votes

1 answer

Why TLS does not sign ciphersuite?

TLS negotiates a ciphersuite and TLS version to use during handshake. It confirms the handshake was not tampered with and the ciphersuite and TLS version were not downgraded using the negotiated ciphers, as explained here. However, this verification…

tls tls-downgrade

asked Apr 27 '18 at 11:53

Peter Harmann

7,728
5
20
28

2

votes

1 answer

Objectives of TLS_FALL_SCSV and finished-message

I'm not sure, I can tell the purpose of a TLS_FALLBACK_SCSV. Can it prevent any attack that the finished-message can't? As far as I understand, the FIN message acts as an authentication code that stops active attackers from dropping protocol…

tls attacks tls-downgrade

asked Feb 28 '17 at 15:19

user140672

23
2

2

votes

1 answer

How to enable ONLY TLS 1.2 in Java, blocking SSL TLS1.0 and TLS 1.1

I'm creating my SSL context like this: SSLContext ret = SSLContext.getInstance("TLSv1.2"); When I went in firefox and forced it to disable TLS1.2, I noticed the page still loaded using TLS1.1 I would like to make sure the server ONLY allows TLS1.2…

tls java tls-downgrade

asked Nov 03 '16 at 00:19

satnam

208
1
2
4

2

votes

1 answer

How can an attacker downgrade/modify the cipher suites when they are MACed? (Freak, Logjam use downgrade attacks)

In the Finished handshake of TLS all previous messages exchanged are sent from the client to the server (and reverse) and protected by a MAC. This is what also "prevents" TLS_FALLBACK_SCSV from being modified/deleted by an attacker. But attacks as…

tls man-in-the-middle hmac export tls-downgrade

asked Feb 21 '16 at 11:15

rugk

1,237
1
13
25

1

vote

1 answer

Why would TLSv1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA still be used?

First, I may be asking a dumb question. I am trying to learn, so please, take it easy on me. Second, if this is not the right place for this question, or you can link me elsewhere, please tell me/ do so. Third, I appreciate anyone who takes the…

encryption tls ciphers tls-downgrade

asked Sep 19 '18 at 01:52

Ryan

11
1
3

1

vote

1 answer

SSL - Does Change_cipher protects against downgrade ?

An excerpt of one of my courses about SSL/TLS says the following, This excerpt is just after the Handshake finish phase of SSL (with change_cipher_spec and finished messages). Role of the finish phase : counter the downgrade attack. An attacker…

tls tls-downgrade

asked Jun 04 '18 at 20:45

Arthur Attout

205
2
5

1

vote

1 answer

What are the benefits and disadvantage of disabling

We are considering disabling TLS1.0 and TLS1.1 in the policies for a browser used organization-wide. We already have a primary browser, where >=TLS1.0 is enabled (i.e. SSLv3 is disabled). We do not know if any sites the user uses, uses Best…

tls web-browser cipher-selection ciphers tls-downgrade

asked Aug 16 '17 at 10:45

RasmusP_963

171
8

1

vote

0 answers

Downgrading TLS 1.0 to SSLv3 - Handshake error (40)

I have a device that functions as a server and uses OpenSSL - it supports SSLv3 and TLS 1.0. That same device also functions as a client to some other servers - I am trying to see if I can downgrade the connection from the device to SSLv3 (a…

tls man-in-the-middle tls-intercept tls-downgrade

asked Nov 15 '16 at 08:19

Zach P

131
4

Questions tagged [tls-downgrade]