Featured Research

from universities, journals, and other organizations

Security protocol for online banking and Facebook has ‘serious weaknesses,’ say researchers

Date:
February 4, 2013
Source:
University of Royal Holloway London
Summary:
The protocol that provides security for online banking, credit card data and Facebook has major weaknesses, according to researchers.

The protocol that provides security for online banking, credit card data and Facebook has major weaknesses, according to researchers at Royal Holloway University.

The Transport Layer Security (TLS) protocol is used by millions of people on a daily basis. It provides security for online banking, as well as for credit card data when shopping on the Internet. In addition, many email systems in the workplace use it, as well as a number of big companies including Facebook and Google.

Professor Kenny Paterson from the Information Security Group at Royal Holloway and PhD student Nadhem AlFardan found that a so-called 'Man-in-the Middle' attack can be launched against TLS and that sensitive personal data can be intercepted in this way. They have identified a flaw in the way in which the protocol terminates TLS sessions. This leaks a small amount of information to the attacker, who can use it to gradually build up a complete picture of the data being sent.

Professor Paterson said: "While these attacks do not pose a significant threat to ordinary users in its current form, attacks only get better with time. Given TLS's extremely widespread use, it is crucial to tackle this issue now.

"Luckily we have discovered a number of countermeasures that can be used. We have been working with a number of companies and organisations, including Google, Oracle and OpenSSL, to test their systems against attack and put the appropriate defences in place."


Story Source:

The above story is based on materials provided by University of Royal Holloway London. Note: Materials may be edited for content and length.


Cite This Page:

University of Royal Holloway London. "Security protocol for online banking and Facebook has ‘serious weaknesses,’ say researchers." ScienceDaily. ScienceDaily, 4 February 2013. <www.sciencedaily.com/releases/2013/02/130203212413.htm>.
University of Royal Holloway London. (2013, February 4). Security protocol for online banking and Facebook has ‘serious weaknesses,’ say researchers. ScienceDaily. Retrieved April 16, 2014 from www.sciencedaily.com/releases/2013/02/130203212413.htm
University of Royal Holloway London. "Security protocol for online banking and Facebook has ‘serious weaknesses,’ say researchers." ScienceDaily. www.sciencedaily.com/releases/2013/02/130203212413.htm (accessed April 16, 2014).

Share This



More Computers & Math News

Wednesday, April 16, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Twitter, Apple Social Data Purchases Likely to Spur More Mergers and Acquisitions

Twitter, Apple Social Data Purchases Likely to Spur More Mergers and Acquisitions

TheStreet (Apr. 16, 2014) — The social media data space is likely to see more mergers and acquisitions following Twitter Inc.'s acquisition of tweet analyzer Gnip Inc. on Tuesday and Apples Inc.'s purchase of Topsy Labs Inc. back in December. One firm in particular, the U.K.'s DataSift Inc., could be on the list of potential buyers. Among other social media startups that could be ripe for picking is Banjo, whose mobile app provides aggregated content by topic and location. Banjo could also be a good fit for Twitter. Video provided by TheStreet
Powered by NewsLook.com
Google Patents Contact Lens Cameras; Internet Is Wary

Google Patents Contact Lens Cameras; Internet Is Wary

Newsy (Apr. 15, 2014) — Google has filed for a patent to develop contact lenses capable of taking photos. The company describes possible benefits to blind people. Video provided by Newsy
Powered by NewsLook.com
NYPD Ends Muslim Surveillance Program

NYPD Ends Muslim Surveillance Program

AP (Apr. 15, 2014) — The New York City Police Department has ended a program that once kept tabs on the city's muslim population. (April 15) Video provided by AP
Powered by NewsLook.com
Images Of Rumored Amazon Smartphone Leaked

Images Of Rumored Amazon Smartphone Leaked

Newsy (Apr. 15, 2014) — BGR has leaked images of what could be Amazon's smartphone. The outlet's been right about Amazon leaks before. Sources expect an announcement in June. Video provided by Newsy
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
 
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:  

Breaking News:
from the past week

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:  

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile iPhone Android Web
Follow Facebook Twitter Google+
Subscribe RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins