Featured Research

from universities, journals, and other organizations

Security protocol for online banking and Facebook has ‘serious weaknesses,’ say researchers

Date:
February 4, 2013
Source:
University of Royal Holloway London
Summary:
The protocol that provides security for online banking, credit card data and Facebook has major weaknesses, according to researchers.

The protocol that provides security for online banking, credit card data and Facebook has major weaknesses, according to researchers at Royal Holloway University.

The Transport Layer Security (TLS) protocol is used by millions of people on a daily basis. It provides security for online banking, as well as for credit card data when shopping on the Internet. In addition, many email systems in the workplace use it, as well as a number of big companies including Facebook and Google.

Professor Kenny Paterson from the Information Security Group at Royal Holloway and PhD student Nadhem AlFardan found that a so-called 'Man-in-the Middle' attack can be launched against TLS and that sensitive personal data can be intercepted in this way. They have identified a flaw in the way in which the protocol terminates TLS sessions. This leaks a small amount of information to the attacker, who can use it to gradually build up a complete picture of the data being sent.

Professor Paterson said: "While these attacks do not pose a significant threat to ordinary users in its current form, attacks only get better with time. Given TLS's extremely widespread use, it is crucial to tackle this issue now.

"Luckily we have discovered a number of countermeasures that can be used. We have been working with a number of companies and organisations, including Google, Oracle and OpenSSL, to test their systems against attack and put the appropriate defences in place."


Story Source:

The above story is based on materials provided by University of Royal Holloway London. Note: Materials may be edited for content and length.


Cite This Page:

University of Royal Holloway London. "Security protocol for online banking and Facebook has ‘serious weaknesses,’ say researchers." ScienceDaily. ScienceDaily, 4 February 2013. <www.sciencedaily.com/releases/2013/02/130203212413.htm>.
University of Royal Holloway London. (2013, February 4). Security protocol for online banking and Facebook has ‘serious weaknesses,’ say researchers. ScienceDaily. Retrieved September 20, 2014 from www.sciencedaily.com/releases/2013/02/130203212413.htm
University of Royal Holloway London. "Security protocol for online banking and Facebook has ‘serious weaknesses,’ say researchers." ScienceDaily. www.sciencedaily.com/releases/2013/02/130203212413.htm (accessed September 20, 2014).

Share This



More Computers & Math News

Saturday, September 20, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

What This MIT Sensor Could Mean For The Future Of Robotics

What This MIT Sensor Could Mean For The Future Of Robotics

Newsy (Sep. 20, 2014) — MIT researchers developed a light-based sensor that gives robots 100 times the sensitivity of a human finger, allowing for "unprecedented dexterity." Video provided by Newsy
Powered by NewsLook.com
How To Protect Your Data In The Still-Vulnerable iOS 8

How To Protect Your Data In The Still-Vulnerable iOS 8

Newsy (Sep. 20, 2014) — One security researcher says despite Apple's efforts to increase security in iOS 8, it's still vulnerable to law enforcement data-transfer techniques. Video provided by Newsy
Powered by NewsLook.com
How Much Privacy Protection Will Google's Android L Provide?

How Much Privacy Protection Will Google's Android L Provide?

Newsy (Sep. 19, 2014) — Google's local encryption will make it harder for law enforcement or malicious actors to access the contents of devices running Android L. Video provided by Newsy
Powered by NewsLook.com
Virtual Reality Headsets Unveiled at Tokyo Game Show

Virtual Reality Headsets Unveiled at Tokyo Game Show

AFP (Sep. 18, 2014) — Several companies unveiled virtual reality headsets at the Tokyo Game Show, Asia's largest digital entertainment exhibition. Duration: 00:48 Video provided by AFP
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
 
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:  

Breaking News:
from the past week

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:  

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile iPhone Android Web
Follow Facebook Twitter Google+
Subscribe RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins