

Plaintext recovery on TLS when using CBC using timing attack - runn1ng
http://www.isg.rhul.ac.uk/tls/TLStiming.pdf

======
runn1ng
"We have demonstrated a variety of attacks against implemen-tations of (D)TLS.
We reiterate that the attacks are ciphertext-only, and so can be carried out
by the standard MITM attacker, without a chosen-plaintext capability."

