This is a non-IMPACT record, meaning that access to the data is not controlled by IMPACT. For access, see the directions below.

This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.


Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
External Dataset
External Data Source
Internet-Wide Scan Data Repository
56 (lowest rank is 56)

Category & Restrictions

cyber attack, cyber crime, application layer security


We investigate nonce reuse issues with the GCM block cipher mode as used in TLS and focus in particular on AES-GCM, the most widely deployed variant.

With an Internet-wide scan we identified 184 HTTPS servers repeating nonces, which fully breaks the authenticity of the connections. Affected servers include large corporations, financial institutions, and a credit card company. We present a proof of concept of our attack allowing to violate the authenticity of affected HTTPS connections which in turn can be utilized to inject seemingly valid content into encrypted sessions. Furthermore, we discovered over 70,000 HTTPS servers using random nonces, which puts them at risk of nonce reuse, in the unlikely case that large amounts of data are sent via the same session. Fingerprints are SHA256 not SHA-1 as indicated. ;

Additional Details

gcm, nonce, tls, attacks, adversaries, nonce-disrespecting adversaries: practical forgery attacks on gcm in tls, practical, 1094, forgery, disrespecting, inferlink, corporation, external, external data source, inferlink corporation, source, reuse, cipher, investigate, aes, deployed, block, mode, issues, variant, focus, servers, https, connections, azet, nonces, authenticity, include, inject, company, violate, attack, encrypted, wide, breaks, org, risk, sha256, allowing, 184, discovered, random, valid, card, utilized, 000, institutions, fingerprints, corporations, proof, credit, repeating, other, financial, seemingly, content, sha, identified, amounts, scan, concept, session, sessions