No announcement yet.

Web Servers - Encryption Weaknesses

  • Time
  • Show
Clear All
new posts

  • Web Servers - Encryption Weaknesses

    Because of the nature of web applications, encryption plays a key role. Because of the sensitivity of information and the fact that this information often passes untrusted networks going back and forth between the server and the client, it is critical to include modern encryption while the data is in transit. This information can be of any type such as usernames and passwords or any other classified information. When web applications are developed it is critical to consider encryption for both data in transit and data on storage.

    Weak Ciphers
    Weak ciphers or poor encoding algorithms are those that use short keys or are poorly designed and implemented. The use of weak ciphers may allow an attacker to decrypt data and gain unauthorized access to the information. Note that some well designed algorithms may provide stronger encryption despite shorter keys than poorly designed algorithms with longer key sizes.

    Vulnerable Software
    Some software with poor implementations of encryption such as Secure Sockets Layer (SSL) and Wired Equivalent Privacy (WEP) and the way they use Initialization Vectors (IVs) becomes vulnerable to different types of attacks.
    Certified Security Geek