1

I have the following question about TLS security:

Assume TLS-PSK protected HTTP with AES256-CBC cipher. When a TLS connection is established, client sends some encrypted data, where the plaintext is well known to an attacker.
For example, it can be a HTTP request, like:

GET /some_resource HTTP/1.1
...

Can an attacker use intercepted ciphertext and known plaintext it to reveal the secret key?

Does TLS have any features to protect from that?

Andrey Moskvichev
  • 113
  • 3

1 Answers1

2

This question boils down to, "Are there known-plaintext attacks against AES-256-CBC?" The answer is: No, no such attacks better than brute force are known. This would constitute a catastrophic break in AES-256-CBC, and any cipher broken in such a way would be abandoned rapidly.

Stephen Touset
  • 11,162
  • 1
  • 39
  • 53