BEAST (CVE-2011-3389)

BEAST is the chosen-plaintext attack against TLS 1.0 CBC ciphers that decrypted authenticated-session cookies in 2011.

Definition

BEAST (Browser Exploit Against SSL/TLS, CVE-2011-3389) is a chosen-plaintext attack on TLS 1.0's CBC mode. TLS 1.0 uses the last ciphertext block of the previous record as the IV for the next record, so the IV is known before the next plaintext is chosen. An attacker who can inject JavaScript that makes the browser send chosen plaintext alongside an authenticated cookie can recover the cookie's bytes one at a time. The disclosure prompted browser vendors to add 1/n-1 record splitting (a workaround that effectively randomises the IV of each record) and accelerated TLS 1.1 / 1.2 adoption.

Mitigation

Use TLS 1.2 or later. Disable TLS 1.0.
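
One way to check a server configuration for this mitigation, as an added example that is not part of the original entry: the script flags nginx `ssl_protocols` directives that still enable anything older than TLS 1.2 and rewrites them. Assumptions: the server is nginx, the sample configuration is constructed, and falling back to `TLSv1.2` alone when no modern protocol remains is this example's own choice.

```python
import re

# Tokens nginx's ssl_protocols directive accepts that are older than TLS 1.2.
LEGACY = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
DIRECTIVE = re.compile(r"\bssl_protocols\s+([^;]*);")

# Constructed sample configuration, not taken from any real server.
SAMPLE = """\
server {
    listen 443 ssl;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
server {
    listen 443 ssl;
    ssl_protocols TLSv1.2 TLSv1.3;
}
server {
    listen 8443 ssl;
    # ssl_protocols SSLv3;
    ssl_protocols TLSv1;
}
"""

def audit(config_text):
    """Return [(line_number, [legacy tokens])] for directives allowing < TLS 1.2."""
    findings = []
    for number, line in enumerate(config_text.splitlines(), 1):
        code = line.split("#", 1)[0]  # ignore comments (quoted '#' not handled)
        for match in DIRECTIVE.finditer(code):
            legacy = [p for p in match.group(1).split() if p in LEGACY]
            if legacy:
                findings.append((number, legacy))
    return findings

def harden(config_text):
    """Drop legacy tokens; use TLSv1.2 alone if nothing modern remains (assumption)."""
    def fix(match):
        keep = [p for p in match.group(1).split() if p not in LEGACY]
        return "ssl_protocols " + " ".join(keep or ["TLSv1.2"]) + ";"
    out = []
    for line in config_text.splitlines():
        code = line.split("#", 1)[0]
        out.append(DIRECTIVE.sub(fix, code) + line[len(code):])  # keep comment text
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    for number, legacy in audit(SAMPLE):
        print(f"line {number}: disable {', '.join(legacy)}")
```

The script reads a single file only; directives pulled in through `include` have to be audited separately.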
