News Single

Raccoon Attack

Raccoon is a timing vulnerability in the TLS specification that affects HTTPS and other services that rely on TLS. Raccoon allows attackers under certain conditions to break the encryption and read sensitive communications. The vulnerability is really hard to exploit and relies on very precise timing measurements and on a specific server configuration to be exploitable.

You can read about Raccoon here: https://raccoon-attack.com/

This was a joint work with Ruhr University Bochum, Tel Aviv University, and Bundesamt für Sicherheit in der Informationstechnik (BSI).