A. Forces TLS negotiation to SSL 3.0 by injecting errors into successive handshake attempts until the client falls back to the legacy protocol
B. A 128-bit hash algorithm published in 1992; practical collisions demonstrated in 2004; used to forge a CA-signed certificate in December 2008
C. A search strategy that finds any two inputs producing the same hash digest in approximately βN operations for a hash with N possible outputs
D. An on-path attack that intercepts a server's HTTP-to-HTTPS redirect, keeping the victim on plaintext HTTP while the attacker maintains an HTTPS session with the server