Is Secure Sockets Layer broken?

“If you believe some of the reports, secure connections as we know are worthless”, he says, adding that, whilst this issue may seem quite complex for most users, the bottom line is that the security of encryption systems rely on two features: that the attacker does not know the key used to encrypt the message and the attacker does not know the nature of message being sent.

“However, if the attacker can trick your browser into sending some known plain-text over the target Secure Sockets Layer (SSL) connection and they can also capture a copy of that message in transit, then the possibility arises of decoding other plain-text within the same message. While having a copy of a known message encrypted is not as good as having that key, it does give the attacker a good foothold making the cryptanalysis of the message much easier”, he explains in his latest security posting.

“Now that the attacker now has the capability, with some effort, to decode parts of the of messages sent by the user to the secure server. It should be noted that the this attack only works on one direction at a time. Using this method it is possible to decode portions of other plain-text in the same message as our injected text”, he adds.

April goes on to say that the Beast toolkit released by the Far Eastern researchers earlier this month uses this capability to extract session cookies that can be used to hijack the user session.

And here's where it gets interesting, as the Trend Micro senior threat researcher says that security experts have known for years that TLS/SSL is potentially vulnerable to this kind of attack.

“Simply put, the Beast toolkit did not reveal anything we don’t already know. What it did was to package this attack into an easy to use form that vastly reduces the resources and skills required to execute it”, he explained.

April notes that there has been a lot of talk about this being a man-in-the-middle attack, but it can just as easily be executed with browser and local network access. Depending on network configurations, he argues that the sniffer could reside on the target host or an adjacent host.

“There is a great deal of infrastructure flexibility possible here”, he says.

So what can users do about this problem?

April says that users should keep time spent on sensitive SSL sessions as short as possible, as the attacker needs time to decode the encrypted message. If the session cookie is invalid before the attacker has finished, he asserts, this attack fails.

“When leaving an SSL protected site, be sure to actually log out, not just move to a new site. In many cases, actively logging out will invalidate any cookie/session data that the attacker may have successfully decoded”, he says.

April concludes that standard security best practices still work - for this attack to be successful, he says that the attacker must have access to either your network or your computer. At the very least, he adds, up-to-date security software will make life harder for an attacker. 


What’s Hot on Infosecurity Magazine?