TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

F5 Labs

We Expected SSL Everywhere, and It’s Well on the Way

2016-08-02 · Read original ↗

ATT&CK techniques detected

4 predictions
T1573.002Asymmetric Cryptography
79%
“that are safe today may not remain so in the future. ssl has a passive surveillance countermeasure called perfect forward secrecy ( pfs ) protection that adds an additional exchange to the key establishment protocol between the two sides of the ssl connection. when pfs is enabled…”
T1573.002Asymmetric Cryptography
71%
“merchant. the stakes around ssl have been up - leveled to the limit. whether or not it ’ s convenient to admit, it ’ s time for organizations to up - level their overall security posture to protect this last line of defense. bringing cryptography to the commoner long before the d…”
T1573.002Asymmetric Cryptography
38%
“security project ( owasp ) maintains a best practices guide for ssl. the ssl labs project provides a comprehensive test tool that can assist administrators in evaluating their site ’ s security posture. among the practices recommended are methods for future - proofing ciphertext,…”
T1573.002Asymmetric Cryptography
34%
“we expected ssl everywhere, and it ’ s well on the way author update : july 2016 — my lifelong fascination with cryptography inspired this story, which i had the pleasure of writing two years ago. that ’ s a long time in “ internet ” years, yet the story is still as relevant toda…”

Summary

Malicious actors and eavesdroppers are forcing Internet communication into a single cryptographic protocol: SSL.