Another Protocol Bites The Dust

For the last 6 weeks or so, a bunch of us have been working on a really serious issue in SSL. In short, a man-in-the-middle can use SSL renegotiation to inject an arbitrary prefix into any SSL session, undetected by either end.

To make matters even worse, through a piece of (in retrospect) incredibly bad design, HTTP servers will, under some circumstances, replay that arbitrary prefix in a new authentication context. For example, this is what happens if you configure Apache to require client certificates for one directory but not another. Once it emerges that your request is for a protected directory, a renegotiation will occur to obtain the appropriate client certificate, and then the original request (i.e. the stuff from the bad guy) gets replayed as if it had been authenticated by the client certificate. But it hasn’t.

Not that the picture is all rosy even when client certificates are not involved.




Vulnerability in SSL/TLS protocol

h-online.com: According to reports, vulnerabilities in the SSL/TLS protocol can be exploited by attackers to insert content into secure connections. If this is correct, it would affect HTTPS and all other protocols which use TLS for security, including IMAP. The precise effects of the problem are not discussed in the reports. It would, however, appear to be possible to manipulate HTML content from websites during data transfer and, for example, inject malicious code.

The crux of the problem is, rather than a flawed implementation, a design flaw in the TLS protocol when renegotiating parameters for an existing TLS connection. This occurs when, for example, a client wants to access a secure area on a web server which requires client certificates from the requesting client. When the server establishes that this is the case, it begins a renegotiation to obtain the appropriate client certificate. The original request gets replayed during this renegotiation as if it had been authenticated by the client certificate, but it has not. The discoverer of the problem describes this as an "authentication gap".
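The "authentication gap" described in both excerpts can be modelled without any real TLS. The following is an added example, not code from the quoted posts or from Apache: `Connection`, `vulnerable_server`, `hardened_server` and the sample byte strings are hypothetical names and constructed data, and the hardened variant shows one application-level rule (never attribute bytes received before the authenticating handshake to the certificate presented after it).

```python
from dataclasses import dataclass, field

# Constructed sample data: opaque placeholders, not real HTTP requests.
PREFIX = b"[bytes received before client authentication]"
CLIENT_REQUEST = b"[bytes sent by the certificate holder]"

@dataclass
class Connection:
    """Server-side view of one connection, split into handshake epochs."""
    epochs: list = field(default_factory=list)  # [(client_cert or None, bytearray)]

    def handshake(self, client_cert=None):
        # Every handshake or renegotiation opens a new epoch with its own identity.
        self.epochs.append((client_cert, bytearray()))

    def receive(self, data: bytes):
        self.epochs[-1][1].extend(data)

def vulnerable_server(conn):
    """Replays buffered bytes from all epochs under the newest epoch's identity."""
    request = b"".join(bytes(buf) for _, buf in conn.epochs)
    return conn.epochs[-1][0], request

def hardened_server(conn):
    """Accepts only bytes received in the epoch that authenticated the client."""
    cert, buf = conn.epochs[-1]
    if any(earlier for _, earlier in conn.epochs[:-1]):
        raise PermissionError("request data predates client authentication")
    return cert, bytes(buf)

def gap_scenario():
    """Data arrives unauthenticated, then a renegotiation presents a certificate."""
    conn = Connection()
    conn.handshake()                          # first handshake: no client cert
    conn.receive(PREFIX)
    conn.handshake(client_cert="CN=alice")    # renegotiation with client cert
    conn.receive(CLIENT_REQUEST)
    return conn

def clean_scenario():
    """Certificate presented in the first handshake, before any data."""
    conn = Connection()
    conn.handshake(client_cert="CN=alice")
    conn.receive(CLIENT_REQUEST)
    return conn

if __name__ == "__main__":
    print(vulnerable_server(gap_scenario()))
    print(hardened_server(clean_scenario()))
```

In the gap scenario the vulnerable model returns the prefix and the client's bytes as one request attributed to `CN=alice`, while the hardened model refuses it and the client has to resend after authenticating.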
