通过完全记录握手来破坏TLS安全性 [英] Breaking TLS security by fully recording the handshake

问题描述

我最近一直在研究TLS，但不确定为什么它是如此安全，但可能是由于对它如何工作的误解.但是，如果记录了整个握手过程，无论是使用中间攻击的人还是目标计算机上的数据包嗅探器，那么其余的任何通信都可以解密，因为您将拥有客户端和服务器用来生成的所有信息.加密密钥.

I have been looking at TLS recently, and I am unsure as to why it is so secure, but probably thanks to a misunderstanding of how it works. But if the entire handshake is recorded, either using a man in the middle attack or a packet sniffer on the target computer, then any of the remaining communication can be decrypted as you would have all the info that the client and the server used to generate the encryption keys.

我怀疑tls是否会出现这样的漏洞，但是谁能告诉我tls如何对此进行防御?

I doubt there would be such a hole in tls, but could anyone tell me how tls defends against this?

推荐答案

使用服务器的

The critical data sent by the client to the server in the TLS handshake is encrypted using the server's public key. So even if the packets are captured on the wire, it would require the private key (which is assumed to be known only to the server) to decrypt the packets.

这篇关于通过完全记录握手来破坏TLS安全性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！