An attack on MySQL's login protocol
| Autor: | Arce, Ivan, Kargieman, Emiliano, Richarte, Gerardo, Sarraute, Carlos, Waissbein, Ariel |
|---|---|
| Rok vydání: | 2010 |
| Předmět: | |
| Druh dokumentu: | Working Paper |
| Popis: | The MySQL challenge-and-response authentication protocol is proved insecure. We show how can an eavesdropper impersonate a valid user after witnessing only a few executions of this protocol. The algorithm of the underlying attack is presented. Finally we comment about implementations and statistical results. Comment: 15 pages, 3 figures. CoreLabs Technical Report |
| Databáze: | arXiv |
| Externí odkaz: |
|