Sweet32-Vulnerability-SMTP/EN: Unterschied zwischen den Versionen
(Die Seite wurde neu angelegt: „=== {{:{{PAGENAME}}/Headline}} === If the result is positive, there is no need for further action. If the result is negative, please read the following inst…“) |
|||
Zeile 1: | Zeile 1: | ||
+ | |||
=== {{:{{PAGENAME}}/Headline}} === | === {{:{{PAGENAME}}/Headline}} === | ||
Aktuelle Version vom 7. Mai 2020, 11:40 Uhr
Scan for Sweet32 vulnerability
If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.
Result positive | Not vulnerable to Sweet32. |
Result negativ | Vulnerable to Sweet32. |
Description | The server is vulnerable to Sweet32, which allows an attacker under certain circumstances to decrypt parts of the communication if large amounts of data are transferred over a connection. |
Background | The attack exploits 64-bit block ciphers. The Sweet32 attack allows an attacker, under certain circumstances, to recover small pieces of text when encrypted with 64-bit block ciphers (such as 3DES). The attack is not very easy to perform, so the threat is limited. |
Consequence | The server is vulnerable to SWEET32, which allows an attacker to decrypt the communication. |
Solution/Tips | Wherever possible, it is best not to use triple DES. Deactivate block ciphers with a block length of 64 bits. |