The easiest way to get around SSL

Abstract
This paper explains how it is often possible, with the simple substitution of a string, to get around a “secure” implementation based on an incorrect use of SSL.
Please note that this document does not contain any information about weaknesses of the SSL protocol; it simply shows the easiest way to get around the correct functioning of the SSL protocol.
In this document typical “weakly secure” implementation based on the SSL protocol are illustrated.
A simple test application is also proposed to check if existing implementations are indeed “weakly secure”.
This document has an informative purpose.
The easiest way to get around SSL

I commenti sono chiusi.