0

I've been researching the main TLS 1.1 vulnerabilities, and from what I've seen, TLS 1.2 only improves the cryptographic hash functions, because TLS s 1.1 are broken.

If these hash functions are vulnerable, is there any way to break TLS 1.1 encryption?

schroeder
  • 125,553
  • 55
  • 289
  • 326
P00
  • 13
  • 4
  • Do you mean besides POODLE? – schroeder Dec 12 '22 at 08:53
  • For what i've seen POODLE is for SSL 3.0 but its true that some websites say the versions TLS 1.0, 1.1 and 1.2 also have this vulnerability but I couldn't find any example about how to exploit it in this versions. I am looking for somewhere where this vulnerability is exploited and explained in the version 1.1 or any other vulnerability that allows the attacker to decrypt the comunication – P00 Dec 12 '22 at 09:10
  • I had already seen it when I was researching on the subject. I suppose it does, although I don't quite understand how it can't be possible to decrypt communications that use TLS 1.1 if the hash functions it uses are already broken. – P00 Dec 12 '22 at 09:59
  • there's a TLS POODLE ... – schroeder Dec 12 '22 at 10:36
  • Any references? – P00 Dec 12 '22 at 15:24

0 Answers0