This is Bad.   2 comments

Ben Laurie (yes, *that* Ben Laurie) reports that TLS is flat busted.

For the last 6 weeks or so, a bunch of us have been working on a really serious issue in SSL. In short, a man-in-the-middle can use SSL renegotiation to inject an arbitrary prefix into any SSL session, undetected by either end.

To make matters even worse, through a piece of (in retrospect) incredibly bad design, HTTP servers will, under some circumstances, replay that arbitrary prefix in a new authentication context. For example, this is what happens if you configure Apache to require client certificates for one directory but not another. Once it emerges that your request is for a protected directory, a renegotiation will occur to obtain the appropriate client certificate, and then the original request (i.e. the stuff from the bad guy) gets replayed as if it had been authenticated by the client certificate. But it hasn’t.

More here.

There are three general attacks against HTTPS discussed here, each with slightly different characteristics, all of which yield the same result: the attacker is able to execute an HTTP transaction of his choice, authenticated by a legitimate user (the victim of the MITM attack.

Advertisements

Posted November 5, 2009 by padraic2112 in Uncategorized

2 responses to “This is Bad.

Subscribe to comments with RSS.

  1. Pat-

    Just another iteration in the cycle of “discover security hole -> panic -> patch security hole”. As usual, sysadmins who are paying attention and keep up with current events will know that there is a problem and how they can fix it (or, if they are dependent on renegotiation, redesigning the site). We’ll probably be dealing with this cycle forever. It’s just an unfortunate cost of doing business on the internet: nothing static will survive.

  2. Yeah, but the problem here is that it’s a problem quite a few IT people don’t realize they have. *Everything* depends on TLS, 80% of the people who use it don’t realize what this particular problem means. “The web site is still working, what’s the problem?”

    $10 sez within a year we hear about a major security breach or loss of data or credit card scam where somewhere in the story is the beloved phrase, “A vulnerability which was patched by the OpenSSL team 8 months ago, but the company never applied the update…”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: