Researchers at the Ruhr University of Bochum (RUB) say they have succeeded in cracking parts of the XML encryption used in web services, thus making it possible to decrypt encrypted data. The official W3C XML encryption specification is designed to allow the secure transmission of information between different e-commerce and financial systems. The attack is limited to where AES is used for encryption in the cipher-block chaining (CBC) mode; other techniques, such as using an RSA key and X.509 certificates, are not susceptible.
According to the researchers, IBM, Microsoft and Red Hat Linux use the standard solution in web service applications for a number of large customers. The researchers say that, based on their findings, the standard should now be considered insecure. They plan to publish details about the problem at the upcoming ACM Conference in Chicago (ACM CCS 2011).
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
Categories:
security-news
,
vulnerablity