(Ne)bezpečné HTTPS - část II

• Title in English: (In)Secure HTTPS - part II
• Authors: KREJČÍ Radek; ČELEDA Pavel
• Year of publication: 2010
• Type: Article in Periodical
• Magazine / Source: Data Security Management
• MU Faculty or unit: Institute of Computer Science
• Field: Informatics
• Keywords: SSL; TLS; HTTPS; MITM; decrypting; arpspoofing; sslstrip; renegotiation
• Description: The second article from the series of two articles presents attacks against HTTPS based on man-in-the-middle approach. It describes possibilities to eavesdropping and modifying secured HTTPS connections. Finally principles to prevent and defend such attacks are discussed.

Related projects

• CYBER - Security of Czech Army Information and Communication Systems - On-line Monitoring, Visualization and Packet Filtration. Computer Incident Response Capability Development in the Cyber Defence Environment