Language Selection

English French German Italian Portuguese Spanish

Another Protocol Bites The Dust

Filed under
Security

For the last 6 weeks or so, a bunch of us have been working on a really serious issue in SSL. In short, a man-in-the-middle can use SSL renegotiation to inject an arbitrary prefix into any SSL session, undetected by either end.

To make matters even worse, through a piece of (in retrospect) incredibly bad design, HTTP servers will, under some circumstances, replay that arbitrary prefix in a new authentication context. For example, this is what happens if you configure Apache to require client certificates for one directory but not another. Once it emerges that your request is for a protected directory, a renegotiation will occur to obtain the appropriate client certificate, and then the original request (i.e. the stuff from the bad guy) gets replayed as if it had been authenticated by the client certificate. But it hasn’t.

Not that the picture is all rosy even when client certificates are not involved.




Vulnerability in SSL/TLS protocol

h-online.com: According to reports, vulnerabilities in the SSL/TLS protocol can be exploited by attackers to insert content into secure connections. If this is correct, it would affect HTTPS and all other protocols which use TLS for security, including IMAP. The precise effects of the problem are not discussed in the reports. It would, however, appear to be possible to manipulate HTML content from websites during data transfer and, for example, inject malicious code.

The crux of the problem is, rather than a flawed implementation, a design flaw in the TLS protocol when renegotiating parameters for an existing TLS connection. This occurs when, for example, a client wants to access a secure area on a web server which requires the requesting client certificates. When the server establishes that is the case, it begins a renegotiation to obtain the appropriate client certificate. The original request gets replayed during this renegotiation as if it had been authenticated by the client certificate, but it has not. The discoverer of the problem describes this as an "authentication gap".

Rest Here

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Ryzen Compiler Performance: Clang 4/5 vs. GCC 6/7/8 Benchmarks

A few days back I posted some fresh AMD Ryzen compiler benchmarks of LLVM Clang now that it has its new Znver1 scheduler model, which helps out the performance of Ryzen on Linux with some of the generated binaries tested. But it was found still that Haswell-tuned binaries are sometimes still faster on Ryzen than the Zen "znver1" tuning itself. For continuing our fresh compiler benchmarks from AMD's new Ryzen platform, here are the latest GCC numbers. Read more

More Security Leftovers

  • Fingerprint-based detection of DNS hijacks using RIPE Atlas [Warning for PDF]

    DNS hijacking is a real thing happening on the Internet
    ○ We found several RIPE Atlas probes with hijacked DNS resolver
    ○ Some countries have >25% chances of DNS being hijacked

  • How the Swedish administration leaked EU’s secure STESTA intranet to Russia, then tried glossing over it

    The Swedish administration is leaking its secret intranet and databases to Russia, via its Transport Agency, via the IBM cloud, via IBM's subcontractor NCR (formerly AT&T) in Serbia, which is a close Russian military ally. Giving staff in Serbia administrative access to these networks practically guarantees that Russia also has access to the network. The European Union's secure STESTA network is also connected to the leaked intranet. But this is not about geopolitics and who’s allied with whom, but about how an administration tries to quiet down and gloss over an apocalyptically stupid and monstrously damaging data leak.

  • Outsourcing Nightmare

    We had two reports of an ongoing situation in Sweden where confidential information held by the government has been compromised

  • Status update from the Reproducible Builds project
    Since then, we have made considerable progress which has been reported during DebConf 15 and 16 talks as well as other conferences around the world. However, for the sake of information preservation and clear communication we felt the need to write a newer report here.

KDE: KDE Slimbook, Akademy, and GSoC

  • Yesterday I picked up my new KDE Slimbook from the Slimbook.es stand at Akademy.
    First thing I did, of course, was boot it with my FreeBSD 11.0 SD card, to see if it works with my favorite operating system (with Plasma 5 desktop, of course). Nope: 11.0 hangs after finding acpi_ec0, so I will write about that later this week. Second thing I did was boot KDE Neon (pre-installed) on it, to see how it works out-of-the-box. I collected a bunch of tiny-little-irritations, papercuts if you will, from the basic installation — which have disappeared after an update and reboot.
  • Akademy 2017 -- Day 1
    During the first day at the Akademy, everything went according to plan and nearly everything was on time. Kudos to the organisers. The weather was balmy at the beginning of the day and, although Aleix Pol said it was not hotter than a hot day in Barcelona, many of the Scandinavian and Scottish attendees were visibly wilting under the sun. Fortunately for them, the venue is equipped with air-conditioning. Little known fact about Almería: it is situated in the biggest desert in Europe, the Desert of Tabernas. A better known fact is that that same desert has been used as a location for many spaghetti westerns, including the seminal Sergio Leone movies "For A Fistful of Dollars" and "The Good, the Bad and the Ugly". What is more interesting for some KDE members is that Tabernas has also been used in the filming of at least one Doctor Who episode ("A Town Called Mercy"). Unsurprisingly, the whovians amongst us quickly got busy and organised a trip to the place of the shoot for later in the week.
  • Akademy-es 2017 Fue Muy Bien
    On the 20th and 21st of July, KDE España held, with the invaluable help of UNIA, HackLab Almería and the University of Almería, and with the sponsorship of Opentia, its 12th annual gathering: Akademy-es 2017. As it always happens when Akademy takes place in Spain, Akademy-es 2017 became a prelude of the international event and many well-known KDE developers attended. Throughout two days, talks were offered covering many different topics, including Plasma, programming (C++, Qt, mobile), exciting projects like Kirigami, proposals for the future such as KDE on automobile, encouragement to use KDE software and contribute to KDE, and information about KDE España.
  • GSoC’17-Week #5
    In Krita, we cannot delete the bundle created just like that. The Bundles created are saved as the KisResource in a QList. We have to remove it from that list, then obviously, we have to remove it from the list widget where this bundle is shown. Then we have to BlackList the file. Then from there, we can remove the blacklisted bundles as we empty a recycle bin ;).

Today in Techrights