Featured Research

from universities, journals, and other organizations

Security protocol for online banking and Facebook has ‘serious weaknesses,’ say researchers

Date:
February 4, 2013
Source:
University of Royal Holloway London
Summary:
The protocol that provides security for online banking, credit card data and Facebook has major weaknesses, according to researchers.

The protocol that provides security for online banking, credit card data and Facebook has major weaknesses, according to researchers at Royal Holloway University.

The Transport Layer Security (TLS) protocol is used by millions of people on a daily basis. It provides security for online banking, as well as for credit card data when shopping on the Internet. In addition, many email systems in the workplace use it, as well as a number of big companies including Facebook and Google.

Professor Kenny Paterson from the Information Security Group at Royal Holloway and PhD student Nadhem AlFardan found that a so-called 'Man-in-the Middle' attack can be launched against TLS and that sensitive personal data can be intercepted in this way. They have identified a flaw in the way in which the protocol terminates TLS sessions. This leaks a small amount of information to the attacker, who can use it to gradually build up a complete picture of the data being sent.

Professor Paterson said: "While these attacks do not pose a significant threat to ordinary users in its current form, attacks only get better with time. Given TLS's extremely widespread use, it is crucial to tackle this issue now.

"Luckily we have discovered a number of countermeasures that can be used. We have been working with a number of companies and organisations, including Google, Oracle and OpenSSL, to test their systems against attack and put the appropriate defences in place."


Story Source:

The above story is based on materials provided by University of Royal Holloway London. Note: Materials may be edited for content and length.


Cite This Page:

University of Royal Holloway London. "Security protocol for online banking and Facebook has ‘serious weaknesses,’ say researchers." ScienceDaily. ScienceDaily, 4 February 2013. <www.sciencedaily.com/releases/2013/02/130203212413.htm>.
University of Royal Holloway London. (2013, February 4). Security protocol for online banking and Facebook has ‘serious weaknesses,’ say researchers. ScienceDaily. Retrieved August 22, 2014 from www.sciencedaily.com/releases/2013/02/130203212413.htm
University of Royal Holloway London. "Security protocol for online banking and Facebook has ‘serious weaknesses,’ say researchers." ScienceDaily. www.sciencedaily.com/releases/2013/02/130203212413.htm (accessed August 22, 2014).

Share This




More Computers & Math News

Friday, August 22, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Apple iPhone 6 Screen Hits Snag Ahead of Launch

Apple iPhone 6 Screen Hits Snag Ahead of Launch

Reuters - Business Video Online (Aug. 22, 2014) — Reuters has learned Apple is scrambling to get enough screens ready for the iPhone 6. Sources say it's unclear whether this could delay the launch. Fred Katayama reports. Video provided by Reuters
Powered by NewsLook.com
Is Apple's iMessage Really Being Overrun By Spammers?

Is Apple's iMessage Really Being Overrun By Spammers?

Newsy (Aug. 21, 2014) — A report says more than one third of all SMS spam over the past year came from a "single campaign" using iMessage and targeting iPhone users. Video provided by Newsy
Powered by NewsLook.com
Families Can Now Ask Twitter To Remove Photos Of Deceased

Families Can Now Ask Twitter To Remove Photos Of Deceased

Newsy (Aug. 20, 2014) — In the wake of a high-profile harassment case, Twitter says family members can ask for photos of dying or dead relatives to be taken down. Video provided by Newsy
Powered by NewsLook.com
Ballmer Leaves Microsoft's Board, Has Advice For Nadella

Ballmer Leaves Microsoft's Board, Has Advice For Nadella

Newsy (Aug. 19, 2014) — In a letter to Microsoft CEO Satya Nadella, Ballmer said he's leaving the board of directors and offered tips on how the company can be successful. Video provided by Newsy
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
 
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:  

Breaking News:
from the past week

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:  

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile iPhone Android Web
Follow Facebook Twitter Google+
Subscribe RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins