BEAST attack
E200937
The BEAST attack is a cryptographic exploit that targets vulnerabilities in early versions of TLS/SSL to decrypt secure HTTPS traffic by abusing weaknesses in block cipher modes like CBC.
All labels observed (2)
| Label | Occurrences |
|---|---|
| BEAST attack canonical | 1 |
| Browser Exploit Against SSL/TLS | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T1798500 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: BEAST attack Context triple: [TLS 1.0, hasVulnerability, BEAST attack]
-
A.
Spritz cipher
Spritz cipher is a modern stream cipher and hash function designed by Ronald Rivest and Jacob Schuldt as a more secure and flexible successor to RC4.
-
B.
Shamir’s attack on RSA with low decryption exponent
Shamir’s attack on RSA with low decryption exponent is a cryptanalytic method that exploits unusually small private exponents in RSA to efficiently recover the secret key and break the encryption.
-
C.
differential cryptanalysis
Differential cryptanalysis is a powerful method of cryptanalysis that studies how differences in input can affect the resultant differences at the output of a cipher to reveal information about its secret key.
-
D.
Merkle puzzles
Merkle puzzles are an early cryptographic protocol that introduced the concept of public-key exchange by allowing two parties to establish a shared secret over an insecure channel using computationally asymmetric “puzzle” problems.
-
E.
Merkle–Damgård construction
The Merkle–Damgård construction is a fundamental method for building collision-resistant cryptographic hash functions from fixed-size compression functions, used in many classic hash algorithms like MD5 and SHA-1.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: BEAST attack Target entity description: The BEAST attack is a cryptographic exploit that targets vulnerabilities in early versions of TLS/SSL to decrypt secure HTTPS traffic by abusing weaknesses in block cipher modes like CBC.
-
A.
Spritz cipher
Spritz cipher is a modern stream cipher and hash function designed by Ronald Rivest and Jacob Schuldt as a more secure and flexible successor to RC4.
-
B.
Shamir’s attack on RSA with low decryption exponent
Shamir’s attack on RSA with low decryption exponent is a cryptanalytic method that exploits unusually small private exponents in RSA to efficiently recover the secret key and break the encryption.
-
C.
differential cryptanalysis
Differential cryptanalysis is a powerful method of cryptanalysis that studies how differences in input can affect the resultant differences at the output of a cipher to reveal information about its secret key.
-
D.
Merkle puzzles
Merkle puzzles are an early cryptographic protocol that introduced the concept of public-key exchange by allowing two parties to establish a shared secret over an insecure channel using computationally asymmetric “puzzle” problems.
-
E.
Merkle–Damgård construction
The Merkle–Damgård construction is a fundamental method for building collision-resistant cryptographic hash functions from fixed-size compression functions, used in many classic hash algorithms like MD5 and SHA-1.
- F. None of above. chosen
Statements (46)
| Predicate | Object |
|---|---|
| instanceOf |
TLS attack
ⓘ
chosen-plaintext attack ⓘ cryptographic attack ⓘ |
| abbreviation | BEAST ⓘ |
| affects |
HTTP over TLS
ⓘ
HTTPS ⓘ |
| attackType |
cipher-block chaining (CBC) attack
ⓘ
man-in-the-middle attack ⓘ |
| attackVector | active network attacker between client and server ⓘ |
| category | vulnerability in protocol design ⓘ |
| demonstratedBy |
Juliano Rizzo
ⓘ
Thai Duong ⓘ |
| doesExploit | interaction between CBC mode and TLS 1.0 record protocol ⓘ |
| doesNotExploit | flaws in specific cipher algorithms ⓘ |
| exploits |
predictable initialization vectors in TLS 1.0
ⓘ
vulnerability in CBC mode ⓘ |
| fullName |
BEAST attack
self-linksurface differs
ⓘ
surface form:
Browser Exploit Against SSL/TLS
|
| goal |
decryption of TLS-protected data
ⓘ
recovery of HTTP cookies ⓘ session hijacking ⓘ |
| influenced |
best practices for TLS configuration
ⓘ
migration to TLS 1.2 and TLS 1.3 ⓘ |
| mitigation |
1/n-1 record splitting
ⓘ
disabling CBC-based ciphersuites ⓘ use of RC4-based ciphersuites (historical, now discouraged) ⓘ use of TLS 1.1 or later ⓘ |
| notableConsequence | compromise of secure web sessions ⓘ |
| notableFeature | can gradually recover secret data byte by byte ⓘ |
| notableTarget |
TLS implementations using CBC ciphersuites
ⓘ
web browsers ⓘ |
| prompted |
changes in browser TLS configurations
ⓘ
deprecation of vulnerable CBC configurations in TLS 1.0 ⓘ |
| publicDisclosureEvent | Ekoparty Security Conference 2011 ⓘ |
| publicDisclosureYear | 2011 ⓘ |
| relatedTo |
CRIME attack
ⓘ
POODLE attack ⓘ |
| requires |
JavaScript or plugin-based code running in victim browser (in original demo)
ⓘ
ability to inject chosen plaintext into TLS sessions ⓘ ability to intercept HTTPS traffic ⓘ |
| requiresClientCondition | support for TLS 1.0 CBC ciphersuites ⓘ |
| securityImpact | confidentiality breach ⓘ |
| status | largely mitigated in modern TLS deployments ⓘ |
| targetsProtocol |
SSL
ⓘ
surface form:
Secure Sockets Layer
TLS ⓘ
surface form:
Transport Layer Security
|
| targetsVersion |
SSL 3.0
ⓘ
TLS 1.0 ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: BEAST attack Description of subject: The BEAST attack is a cryptographic exploit that targets vulnerabilities in early versions of TLS/SSL to decrypt secure HTTPS traffic by abusing weaknesses in block cipher modes like CBC.
Referenced by (2)
Full triples — surface form annotated when it differs from this entity's canonical label.