New SLOTH Attack Can Reduce the Security of TLS and SSH Protocols

153

new-sloth-attackCryptography is having a bad week, and after details of the HTTPS Bicycle Attack surfaced a few days ago, a new attack type called SLOTH has weakened trust in encryption even more.

Presented at the Real World Cryptography Conference in Stanford, USA, the SLOTH attack has the capability to weaken encryption power in various protocols like TLS, SSH, and IPsec. The issue resides in our old friends MD5 and SHA-1…

Read more at Softpedia