Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure

Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure

CVE-2023-33982 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden service protocol.

Learn more about our Network Penetration Testing.