Disclosure:
Affiliate Commissions

While vpnMentor may receive commissions when a purchase is made using our links, this has no influence on the reviews content or on the reviewed products/services. We provide direct links to purchase products that are part of affiliate programs.

• Ownership

vpnMentor is owned by Kape Technologies PLC, which owns the following products: CyberGhost, ZenMate, Private Internet Access, and Intego, which may be reviewed on this website.

• Professional Reviews

vpnMentor contains reviews that are written by our community reviewers, and are based on the reviewers' independent and professional examination of the products/services.

• Reviews Guidelines

The reviews published on vpnMentor are written by experts that examine the products according to our strict reviewing standards. Such standards ensure that each review is based on the independent, professional and honest examination of the reviewer, and takes into account the technical capabilities and qualities of the product together with its commercial value for users, which may also affect the product's ranking on the website.

Interview with cryptographer Tibor Jager on TLS, attacks, and countermeasures

Dr. Tibor Jager is an academic cryptographer, doing research in applied and theoretical cryptography. He teaches computer networks and IT security at Ruhr University Bochum and speaks in various international events on cryptography and cybersecurity.

vpnMentor: In your presentation* you mentioned we still use a TLS protocol that was introduced in 1999. Doesn’t that mean that everything works very well and we can feel secure?
*Attached at the end of this page are Dr. Jager’s presentations in a conference at the Center for Research in Applied Cryptography and Cybersecurity of Bart Ilan University, May 2, 2016).

Indeed TLS 1.0 is not bad. We know a few issues with the protocol but we don’t know how to exploit them. It is not that I don’t sleep at night because of the risks, but looking at the objective issues that researchers show, there is some real concern that users can be exploited.

Dr Tibor Jager

Dr. Tibor Jager presenting at BIU, May 02 2016

vpnMentor: You won the “Best Contribution to IETF Award.” Tell us about that.

This award was given for significant contribution to TLS 1.3. There were many other contributions that are significant and I would consider stronger than ours. But what made our paper noticeable was that we showed not only the effects on TLS 1.3 but also on X.509 (an important standard for a public key infrastructure). The attack we described is not directly based on a weakness of TLS, but rather on a subtle combination with a deficiency of X.509. The intention of IETF by giving this to us, in my opinion, was to point out some things that can be fixed there as well.

vpnMentor: Germany is known as a privacy advocates nation. What makes Germans such leaders in this subject in your opinion?
It is hard for me to say. As a German, I find it obvious that I should have my privacy online as well. It surprises me that other nations don’t.

vpnMentor: What do attackers try to achieve? Are they in it for the gain or for intellectual achievement?

There are so many types of attackers.

  1. Nation states that want to prevent terrorism, or possibly even to control opinion.
  2. Attackers that want some financial gain, and unlike nation states that want to “read only” maybe, these gain attackers want to also inject information many a time.
  3. And there are some users that are just curious about the use of technology.

vpnMentor: Looking at the skill set required to be a hacker, do you think some of your fellow professors in the academy go back home at night and put on the “Guy Faux mask,” penetrating the Pentagon?

I know my colleagues very well so I’m sure they are not doing this. At first glance, hacking looks very sophisticated and you may think that it requires a skill set that is very outstanding. But once you know how it works, you understand anybody can be a hacker just by watching a few videos on YouTube and reading a few articles.

vpnMentor: What is your opinion on the matter of online privacy vs defending citizens from terrorists?

If I had an answer to this, I would be in politics. It is important to have a good balance but the decision is not easy.

vpnMentor: What tools/browsers are you using differently from your mom?

I’m teaching my mom how to use a web browser in the right way and not give out information. Overall, I’m very careful about what sites I visit and what files I’m downloading.

 

About the Author

Ariel Hochstadt, Formerly Gmail Marketing Manager globally for Google, and today web entrepreneur. Ariel is a successful international speaker and author of 3 published books on computers and internet. He is the co-founder of vpnMentor and an advocate of online privacy.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
Voted by Users
Thank you for your feedback
Comment Comment must be from 5 to 2500 characters long.