Bookmark
Hackers break SSL encryption used by millions of sites • The Register
www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/, posted 2011 by peter in communication networking security toread
At the moment, BEAST requires about two seconds to decrypt each byte of an encrypted cookie. That means authentication cookies of 1,000 to 2,000 characters long will still take a minimum of a half hour for their PayPal attack to work. Nonetheless, the technique poses a threat to millions of websites that use earlier versions of TLS, particularly in light of Duong and Rizzo's claim that this time can be drastically shortened.