Understanding a TLS 1.3 0-RTT replay attack

You aren't missing that much. I think this cloudflare article near the end outlines possible attack vectors and scenarios quite nicely. Depending on the security of the networks and web apps, 0-RTT may not be responded to pending what kind of parameters or certain types of headers. If an attacker has already figured out how to insert himself and gain visibility to what he would want to replay on a vulnerable host, there are worse risks elsewhere to look out for first. Something like a 0-RTT replay that has parameters and an authenticated session cookie and a HTTP downgrade could be plausible. But in the pentester's world, that's alot of work.

Tags:

Cryptography

Tls

Related

Should a vulnerability in a service that is present on the device, but not running and not used at all, be mentioned in the vulnerability report? Does the X-Permitted-Cross-Domain-Policies header have any benefit for my website if I'm not using Adobe products? HTTP Digest Authentication: Does the server store plaintext passwords? Someone is trying to access my mail account, what safe actions can I take? Are encrypted Cookies vulnerable to Padding Oracle Attacks Why is Firefox (and only Firefox) reporting that my connection is insecure on multiple sites? Did I stumble upon a cell hidden network or is my device being attacked? Why would I choose SHA-256 over SHA-512 for a SSL/TLS certificate? How might the Chinese government be blocking only specific types of WhatsApp traffic? Are non-SSL connections safe in a local wireless network with password protection What can I do after an attack to our system that hit our login route? Can a CSV contain malicious code?

Recent Posts