DROWN (Decrypting RSA with Obsolete and Weakened eNcryption)



This document will examine DROWN (Decrypting RSA with Obsolete and Weakened eNcryption), which is a vulnerability that attacks the TLS protocol while traversing secure HTTPS connections. This vulnerability is especially dangerous to any organization engaged in E-commerce with the need to complete financial transactions. TLS establishes secure HTTPS connections, which is typically done through the use of a web browser, allowing users to utilize applications such as: email, online shopping, instant messaging, online education, etc.… all with the benefit of an encrypted connection. Continue reading