TLS Attacks and Mitigations

From wiki
Jump to: navigation, search

TLS Attacks and Mitigation: Overview

Attacks on HTTPS connections generally fall into 3 categories:

  • Compromising the quality of the HTTPS connection, through cryptanalysis or other protocol weaknesses.
  • Compromising the client computer, such as by installing a malicious root certificate into the system or browser trust store.
  • Obtaining a “rogue” certificate trusted by major browsers, generally by manipulating or compromising a certificate authority.

These are all possible, but for most attackers they are very difficult and require significant expense. Importantly, they are all targeted attacks, and are not feasible to execute against any user connecting to any website.

By contrast, plain HTTP connections can be easily intercepted and modified by anyone involved in the network connection, and so attacks can be carried out at large scale and at low cost.

Readers are recommended to reference the following sources for detailed information regarding TLS Attacks and Mitigations: