7

Now that the BEAST is public knowledge, TLS 1.0 is NOT safe to use (nor is SSL 3.0). I have seen reports that the RC4 cipher is unaffected (and is widely supported). Is that true?

I know that TLS 1.1 is immune. But out of the 1,000,000 most popular SSL/TLS enabled websites, only a few (221) support TLS 1.1 or higher.

The exploit is restricted to browsers because it requires JavaScript or Browser Plugins via MITM. PayPal.com is vulnerable, as of this writing.

unixman83
  • 1,972

1 Answers1

5

Correct; RC4 is a stream cipher, and is not affected.

The flaw is in CBC message construction, so the ciphers using CBC (there's a bunch, but AES and 3DES are the most popular) are all affected.

Shane Madden
  • 116,404
  • 13
  • 187
  • 256