Home Tags Confidentiality

Tag: Confidentiality

Tesla says NTSB worries more about “headlines than actually promoting safety.”
Bouncy Castle BKS version 1 keystore files use an HMAC that is only 16 bits long,which can allow an attacker to compromise the integrity of a BKS-V1 keystore.
A vulnerability in certain authentication controls in the account services of Cisco Spark could allow an authenticated, remote attacker to interact with and view information on an affected device that would normally be prohibited. The vulnerabilit...
The P1735 IEEE standard describes methods for encrypting electronic-design intellectual property(IP),as well as the management of access rights for such IP.

The methods are flawed and,in the most egregious cases,enable attack vectors that allow recovery of the entire underlying plaintext IP.
Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key,among other impacts.
Wi-Fi Protected Access(WPA,more commonly WPA2)handshake traffic can be manipulated to induce nonce and session key reuse,resulting in key reinstallation by a wireless access point(AP)or client.

An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used.

Attacks may include arbitrary packet decryption and injection,TCP connection hijacking,HTTP content injection,or the replay of unicast and group-addressed frames.

These vulnerabilities are referred to as Key Reinstallation Attacks orKRACKattacks.