Plain-Text Recovery Attacks Against Datagram TLS
Download: Paper (PDF)
Date: 6 Feb 2012
Document Type: Presentations
Additional Documents: Slides
Associated Event: NDSS Symposium 2012
We describe an efficient and full plaintext recovery attack against the OpenSSL implementation of DTLS, and an efficient, partial plaintext recovery attack against the GnuTLS implementation of DTLS. We discuss the reasons why these implementations are insecure, drawing lessons for secure protocol design and implementation in general.