Posted by: Dan O'Connor
tls beast, tls hack, tls v1 vulnerability, tls vulnerability
The basic premise of the attack that BEAST will preform is a chosen plain text attack. A chosen plain text is a type of crypto attack that the attacker is in a position to feed text in to the cypher then analyze the output. This allows the attacker to gain a good understanding of the crypto system and even deduce the key.
Everything I have found says that this has been in TLS since it’s initial release, but was considered too difficult. Also It does not exist in the later releases.
The best advice I can give is for everyone to move off of it.