Check |
Vulnerable to Sweet32.
|
Description |
The server is vulnerable to Sweet32, which allows an attacker under certain circumstances to decrypt parts of the communication if large amounts of data are transferred over a connection.
|
Background |
The attack exploits 64-bit block ciphers. The Sweet32 attack allows an attacker, under certain circumstances, to recover small pieces of text when encrypted with 64-bit block ciphers (such as 3DES). The attack is not very easy to perform, so the threat is limited.
|
Consequence |
The server is vulnerable through Sweet32, which allows an attacker to decrypt the communication.
|
Solution/Tips |
Wherever possible, it is best not to use triple DES. Deactivate block ciphers with a block length of 64 bits.
|