olemus
rünne, mis esimese sammuna
viib tagasiühilduva süsteemi või sideprotokolli
uuemalt (enamasti turvalisemalt) tööviisilt
endise versiooni omale,
hõlbustades järgmist ründesammu;
sageli krüptosüsteemide vahendusründe osa;
on protokollistiku SSL/TLS probleem
=
an attack that seeks to cause a connection, protocol, or cryptographic algorithm to drop to an older and less secure version

ülevaateid
https://en.wikipedia.org/wiki/Downgrade_attack

https://f0rki.at/slides/f0rki-downgrade-attacks-by-example-bsidesvienna2012.pdf

https://www.praetorian.com/blog/man-in-the-middle-tls-ssl-protocol-downgrade-attack?edition=2019

https://www.elie.net/blog/understanding-how-tls-downgrade-attacks-prevent-email-encryption

https://support.broadcom.com/security-advisory/content/0/0/SYMSA1219

https://tlseminar.github.io/downgrade-attacks/

https://www.usenix.org/system/files/foci20-paper33-slides_huang.pdf

https://www.cs.ox.ac.uk/files/10029/downgrade-taxonomy-18.pdf

tõrje
https://www.venafi.com/blog/preventing-downgrade-attacks

https://datatracker.ietf.org/meeting/84/materials/slides-84-tls-4

https://tools.ietf.org/rfc/rfc7507.txt

https://www.felixguenther.info/teaching/2019-tls-seminar/2019-tls-seminar_03-14_DowngradeResilience-slides.pdf

https://eprint.iacr.org/2016/072.pdf

https://helda.helsinki.fi//bitstream/handle/10138/308155/SSR2018_Khan.pdf?sequence=1