{"id":16958,"date":"2016-03-03T10:15:30","date_gmt":"2016-03-03T02:15:30","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=16958"},"modified":"2016-03-14T10:18:47","modified_gmt":"2016-03-14T02:18:47","slug":"drown-sslv2%e6%bc%8f%e6%b4%9e%e5%87%ba%e7%8f%be%e4%ba%86%ef%bc%8c%e8%ae%93%e4%b8%89%e5%88%86%e4%b9%8b%e4%b8%80%e7%9a%84https%e4%bc%ba%e6%9c%8d%e5%99%a8%e9%99%b7%e5%85%a5%e5%8d%b1%e9%9a%aa","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=16958","title":{"rendered":"DROWN SSLv2\u51fa\u73fe\u6f0f\u6d1e\uff0c\u4e09\u5206\u4e4b\u4e00\u7684HTTPS\u4f3a\u670d\u5668\u9677\u5165\u5371\u96aa"},"content":{"rendered":"

\u4e00\u500b\u300c\u65b0\u300d\u800c\u91cd\u8981\u7684\u6f0f\u6d1e\u88ab\u767c\u73fe\u4e86\uff0c\u6703\u5f71\u97ff\u5230 HTTPS\u53ca\u6709\u4f7f\u7528 SSL\/TLS\u7684\u670d\u52d9\u3002\u9019\u500b\u6f0f\u6d1e\u5b58\u5728\u65bcSSLv2\u5354\u5b9a\u4e2d\uff0c\u5f71\u97ff\u6240\u6709\u4f7f\u7528\u7684\u7a0b\u5f0f\u3002\u7814\u7a76\u4eba\u54e1\u5c07\u6b64\u653b\u64ca\u7a31\u70baDROWN<\/a>\uff0c\u300cDecrypting RSA using Obsolete and Weakened eNcryption\uff08\u5373\u5229\u7528\u904e\u6642\u548c\u5f31\u52a0\u5bc6\u4f86\u89e3\u5bc6RSA\uff09\u300d\u7684\u7e2e\u5beb\u3002\u6b64\u653b\u64ca\u8b93\u653b\u64ca\u8005\u53ef\u4ee5\u8b80\u53d6\u6216\u7aca\u53d6\u900f\u904e\u300c\u5b89\u5168\u300d\u9023\u7dda\u9001\u51fa\u7684\u8cc7\u8a0a\u3002\u76ee\u524d\u9084\u6c92\u6709\u5df2\u77e5\u7684\u771f\u5be6\u653b\u64ca\u767c\u751f\u3002<\/p>\n

DROWN\u548c\u5176\u4ed6SSLv2\u554f\u984c\u5728\u6700\u8fd1\u7684\u5b89\u5168\u901a\u5831\u4e2d\u4f7f\u7528\u4e0b\u5217CVE\u7de8\u865f\uff1a<\/p>\n