Downgrade attack

A downgrade attack is a form of attack on a computer system or communications protocol that makes it abandon a high-quality mode of operation (e.g. an encrypted connection) in favor of an old, lower-quality mode of operation (e.g. clear text) that is there for backward compatibility with older systems. This is a flaw found in OpenSSL and it allows the attacker to negotiate to a lower version of TLS between the client and server.[1] This is one of the most common types of downgrade attacks.

Downgrade attacks are often implemented as part of a man-in-the-middle attack, and may be used as a way of enabling a cryptographic attack that might not be possible otherwise. Downgrade attacks have been a consistent problem with the SSL/TLS family of protocols; examples of such attacks include the POODLE attack.

Removing backward compatibility is often the only way to prevent downgrade attacks.

References

  1. Praetorian. "Man-in-the-Middle TLS Protocol Downgrade Attack". Praetorian. Retrieved 2016-04-13.


This article is issued from Wikipedia - version of the 9/24/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.