2. SSL 2.0 Deficiencies
SSL version 2.0 [SSL2] deficiencies include the following:
- Message authentication uses MD5 [MD5]. Most security-aware users have already moved away from any use of MD5 [RFC6151].
- Handshake messages are not protected. This permits a man-in-the-middle to trick the client into picking a weaker cipher suite than it would normally choose.
- Message integrity and message encryption use the same key, which is a problem if the client and server negotiate a weak encryption algorithm.
- Sessions can be easily terminated. A man-in-the-middle can easily insert a TCP FIN to close the session, and the peer is unable to determine whether or not it was a legitimate end of the session.
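
The unprotected-handshake deficiency above, as an added example that is not part of the original document: a toy negotiation showing that an altered cipher-suite offer goes unnoticed unless both sides compare a keyed MAC over the handshake transcript. The suite names, the fixed demo secret and all function names are constructed for illustration and are not SSL 2.0 wire values; a real protocol derives the MAC key from the key exchange.

```python
import hashlib
import hmac

# Constructed suite names and key strengths (assumption, for illustration only).
STRENGTH = {"EXPORT40": 40, "DES56": 56, "3DES168": 168}


def server_pick(offered):
    """Server selects the strongest suite present in the offer it received."""
    return max(offered, key=STRENGTH.__getitem__)


def strip_strong(offered):
    """Models in-path tampering: only the weakest offered suite is forwarded."""
    return [min(offered, key=STRENGTH.__getitem__)]


def transcript_mac(secret, offered, chosen):
    """Finished-style value: HMAC over the handshake as one endpoint saw it."""
    transcript = ",".join(offered) + "|" + chosen
    return hmac.new(secret, transcript.encode(), hashlib.sha256).digest()


def handshake(client_offer, tamper, protect, secret=b"constructed-demo-secret"):
    """Run one negotiation and return (chosen_suite, accepted_by_client)."""
    seen_by_server = strip_strong(client_offer) if tamper else list(client_offer)
    chosen = server_pick(seen_by_server)
    if not protect:
        # Nothing binds the negotiation messages, so the client cannot tell
        # that the offer the server saw differs from the one it sent.
        return chosen, True
    # Each side MACs its own view of the handshake; views differ if tampered.
    server_mac = transcript_mac(secret, seen_by_server, chosen)
    client_mac = transcript_mac(secret, client_offer, chosen)
    return chosen, hmac.compare_digest(server_mac, client_mac)


if __name__ == "__main__":
    offer = ["EXPORT40", "DES56", "3DES168"]
    for tamper in (False, True):
        for protect in (False, True):
            print(tamper, protect, handshake(offer, tamper, protect))
```
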