Sweet32-Vulnerability/EN: Unterschied zwischen den Versionen
(Die Seite wurde neu angelegt: „=== <span style="color:#c31622">{{:{{PAGENAME}}/Headline}}<span>=== {| class="wikitable" |'''Check'''|| {{:{{PAGENAME}}/Negative}} |- |'''Beschreibung'''…“) |
|||
Zeile 15: | Zeile 15: | ||
[[Category:Siwecos-Scanner]] | [[Category:Siwecos-Scanner]] | ||
− | + | {{:{{PAGENAME}}/Category}} | |
[[Category:Glossar]] | [[Category:Glossar]] |
Version vom 8. März 2019, 09:18 Uhr
Check for the Sweet32 vulnerability
Check | Vulnerable to Sweet32. |
Beschreibung | The server is vulnerable to Sweet32, which allows an attacker under certain circumstances to decrypt parts of the communication if large amounts of data are transferred over a connection. |
Hintergrund | The attack exploits 64-bit block ciphers. The Sweet32 attack allows an attacker, under certain circumstances, to recover small pieces of text when encrypted with 64-bit block ciphers (such as 3DES). The attack is not very easy to perform, so the threat is limited. |
Auswirkung | The server is vulnerable through Sweet32, which allows an attacker to decrypt the communication. |
Lösung / Tipps | Wherever possible, it is best not to use triple DES. Deactivate block ciphers with a block length of 64 bits. |