Tag Archives: s2n

Amazon 之前放出的 s2n 的安全性問題

Amazon 之前放 s2n 出來當作 TLS protocol 的方案,於是就有人摸出東西來:「Lucky Microseconds: A Timing Attack on Amazon's s2n Implementation of TLS」。 即使是經過外部資安檢證,仍然還是有找到問題。這次找到的問題是 timing attack 類在 CBC-mode 下的 plaintext recovery: At the time of its release, Amazon announced that s2n had undergone three external security … Continue reading

Posted in Computer, Network, Programming, Security, Software, WWW | Tagged , , , , , , , , , , , , , , , | 1 Comment