{
	"id": "7b415575-f0d9-4caf-8561-771d6d993517",
	"created_at": "2026-04-06T00:08:57.767638Z",
	"updated_at": "2026-04-10T13:11:23.26218Z",
	"deleted_at": null,
	"sha1_hash": "4c6d224e4f75a7c23d3da0efde7c8829ec569d6c",
	"title": "What's in a Downgrade? A Taxonomy of Downgrade Attacks in the TLS Protocol and Application Protocols Using TLS",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 33601,
	"plain_text": "What's in a Downgrade? A Taxonomy of Downgrade Attacks in the\r\nTLS Protocol and Application Protocols Using TLS\r\nBy [Submitted on 15 Sep 2018 (v1), last revised 26 Jan 2019 (this version, v2)]\r\nArchived: 2026-04-05 19:57:24 UTC\r\nView PDF\r\nAbstract:A number of important real-world protocols including the Transport Layer Security (TLS)\r\nprotocol have the ability to negotiate various security-related choices such as the protocol version and\r\nthe cryptographic algorithms to be used in a particular session. Furthermore, some insecure application-layer protocols such as the Simple Mail Transfer Protocol (SMTP) negotiate the use of TLS itself on top\r\nof the application protocol to secure the communication channel. These protocols are often vulnerable\r\nto a class of attacks known as downgrade attacks which targets this negotiation mechanism. In this\r\npaper we create the first taxonomy of TLS downgrade attacks. Our taxonomy classifies possible attacks\r\nwith respect to four different vectors: the protocol element that is targeted, the type of vulnerability that\r\nenables the attack, the attack method, and the level of damage that the attack causes. We base our\r\ntaxonomy on a thorough analysis of fifteen notable published attacks. Our taxonomy highlights clear\r\nand concrete aspects that many downgrade attacks have in common, and allows for a common\r\nlanguage, classification, and comparison of downgrade attacks. We demonstrate the application of our\r\ntaxonomy by classifying the surveyed attacks.\r\nSubmission history\r\nFrom: Eman Alashwali [view email]\r\n[v1] Sat, 15 Sep 2018 09:22:50 UTC (132 KB)\r\n[v2] Sat, 26 Jan 2019 10:58:37 UTC (132 KB)\r\nSource: https://arxiv.org/abs/1809.05681\r\nhttps://arxiv.org/abs/1809.05681\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://arxiv.org/abs/1809.05681"
	],
	"report_names": [
		"1809.05681"
	],
	"threat_actors": [],
	"ts_created_at": 1775434137,
	"ts_updated_at": 1775826683,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/4c6d224e4f75a7c23d3da0efde7c8829ec569d6c.pdf",
		"text": "https://archive.orkl.eu/4c6d224e4f75a7c23d3da0efde7c8829ec569d6c.txt",
		"img": "https://archive.orkl.eu/4c6d224e4f75a7c23d3da0efde7c8829ec569d6c.jpg"
	}
}