Language Selection

English French German Italian Portuguese Spanish

Another Protocol Bites The Dust

Filed under
Security

For the last 6 weeks or so, a bunch of us have been working on a really serious issue in SSL. In short, a man-in-the-middle can use SSL renegotiation to inject an arbitrary prefix into any SSL session, undetected by either end.

To make matters even worse, through a piece of (in retrospect) incredibly bad design, HTTP servers will, under some circumstances, replay that arbitrary prefix in a new authentication context. For example, this is what happens if you configure Apache to require client certificates for one directory but not another. Once it emerges that your request is for a protected directory, a renegotiation will occur to obtain the appropriate client certificate, and then the original request (i.e. the stuff from the bad guy) gets replayed as if it had been authenticated by the client certificate. But it hasn’t.

Not that the picture is all rosy even when client certificates are not involved.




Vulnerability in SSL/TLS protocol

h-online.com: According to reports, vulnerabilities in the SSL/TLS protocol can be exploited by attackers to insert content into secure connections. If this is correct, it would affect HTTPS and all other protocols which use TLS for security, including IMAP. The precise effects of the problem are not discussed in the reports. It would, however, appear to be possible to manipulate HTML content from websites during data transfer and, for example, inject malicious code.

The crux of the problem is, rather than a flawed implementation, a design flaw in the TLS protocol when renegotiating parameters for an existing TLS connection. This occurs when, for example, a client wants to access a secure area on a web server which requires the requesting client certificates. When the server establishes that is the case, it begins a renegotiation to obtain the appropriate client certificate. The original request gets replayed during this renegotiation as if it had been authenticated by the client certificate, but it has not. The discoverer of the problem describes this as an "authentication gap".

Rest Here

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

HPLIP Vulnerability Closed in Ubuntu OSes

A HPLIP vulnerability has been identified and corrected in Ubuntu 15.04, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS operating systems. Read more

Raspberry Jams bring Pi enthusiasts together

When the first Raspberry Pi came out in 2012, it was no surprise when people in the tech community started to organize events focused around using the device. Software developers, hardware engineers, makers, teachers, children, and parents alike started to come together to learn about the Pi and what they could do with it. These events became known as Raspberry Jams, and they've inspired makers and educators around the world. Read more

AMD is working on a new Linux graphics driver to catch up with Nvidia

There’s no doubt about it: AMD’s Linux graphics drivers are behind Nvidia’s, something that will start mattering a lot more when Valve’s first Linux-based Steam Machines start hitting the market this November. AMD hasn’t turned the ship around yet, and big-name games are still only supporting Nvidia hardware when they launch on Linux. But AMD hasn’t been sitting on its hands. AMD’s developers are working on a new Linux driver architecture that will result in better open-source drivers, too—eventually. Read more

LibreOffice 5: The best office suite today won't cost you a dime

I've used LibreOffice as my main office suite since it forked from OpenOffice five years ago. Now its latest edition, LibreOffice 5.0, is better than ever. And, in my book, that means it's the best standalone office suite available in 2015. Read more