09.23.2016
Security

Security Update: Protecting our network against SWEET32 vulnerabilities (CVE-2016-2183)

Security Update: Protecting our network against SWEET32 vulnerabilities (CVE-2016-2183)
On August 24, 2016, security experts disclosed a vulnerability (CVE-2016-2183) in the 3DES block cipher, which is commonly used in SSL/TLS communication over the internet. This vulnerability, named SWEET32, exploits a limitation in 3DES that allows remote attackers to obtain partial or full cleartext by monitoring an encrypted HTTPS session for a sufficiently long period of time. With enough encrypted data, the attacker will eventually find a "collision" between two encrypted blocks of text, which will then allow them to recover the plaintext of those blocks.
Within 30 days, our team will be removing 3DES from our CDN's default cipher suite. We will continue to support 3DES for our customers on a case-by-case basis. Any of our customers that require this support will need to contact our support team by September 30, 2016 to avoid any disruption in service.
If you have any questions, please contact our support team in our Network Operations Center.

Advertise with us

Let’s work together to make your next campaign a success!

  • Advertise with us
  • Find the right advertising solutions for your business.
  • Join us
  • Spend every day connecting people with the things they love.
  • Follow us
© 2021 Verizon Media. All Rights Reserved