GPG Fingerprint: A678 B224 73F6 F39A 75AE 35CC FCE9 3D96 5224 389C

TLS (In)Secruity in the Wild

This paper presents the most common possible Transport Layer Security (TLS) weaknesses and attacks, why they exist, and which measures can be taken to complicate or avert their exploitation. The attacks include Beast, Lucky13 and CRIME. We then analyze the Alexa 10,000 most visited Internet websites for vulnerable configurations and show that a high amount of sites (>50%) are vulnerable to one or more of the described attacks. Followed by a short summary of options how to secure TLS connections. We conclude with a examination of TLS' trust model. The focus of this work is on TLS in combination with HTTP, but most parts are relevant to other application areas too.


i3sched is a scheduler alternative for OpenNebula 3.4. It is designed to work with the Sun Grid Engine (SGE).