Language Selection

English French German Italian Portuguese Spanish

Another Protocol Bites The Dust

Filed under
Security

For the last 6 weeks or so, a bunch of us have been working on a really serious issue in SSL. In short, a man-in-the-middle can use SSL renegotiation to inject an arbitrary prefix into any SSL session, undetected by either end.

To make matters even worse, through a piece of (in retrospect) incredibly bad design, HTTP servers will, under some circumstances, replay that arbitrary prefix in a new authentication context. For example, this is what happens if you configure Apache to require client certificates for one directory but not another. Once it emerges that your request is for a protected directory, a renegotiation will occur to obtain the appropriate client certificate, and then the original request (i.e. the stuff from the bad guy) gets replayed as if it had been authenticated by the client certificate. But it hasn’t.

Not that the picture is all rosy even when client certificates are not involved.




Vulnerability in SSL/TLS protocol

h-online.com: According to reports, vulnerabilities in the SSL/TLS protocol can be exploited by attackers to insert content into secure connections. If this is correct, it would affect HTTPS and all other protocols which use TLS for security, including IMAP. The precise effects of the problem are not discussed in the reports. It would, however, appear to be possible to manipulate HTML content from websites during data transfer and, for example, inject malicious code.

The crux of the problem is, rather than a flawed implementation, a design flaw in the TLS protocol when renegotiating parameters for an existing TLS connection. This occurs when, for example, a client wants to access a secure area on a web server which requires the requesting client certificates. When the server establishes that is the case, it begins a renegotiation to obtain the appropriate client certificate. The original request gets replayed during this renegotiation as if it had been authenticated by the client certificate, but it has not. The discoverer of the problem describes this as an "authentication gap".

Rest Here

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Linux 4.2 Bringing Support For ARCv2, HS38 CPU Cores

The ARC architecture updates for the Linux 4.2 kernel have landed. With the ARC architecture updates in Linux 4.2 comes support for HS38 cores, which in turn are based on the Synopsys next-gen ISA known as ARCv2. The ARCv2 ISA is faster and more feature-rich than their original instruction set architecture. The HS38 cores have a 10-stage pipeline core with MMU support, SMP up to four cores, and other new features. The HS38 processor is still 32-bit and is "optimized for high-performance embedded applications running Linux." Read more Also: Radeon & AMDGPU DRM Fixes Queue Up For Linux 4.2

Ubuntu Touch OTA-5 Will Bring a New Thumbnailer in Unity 8, Support for Refunds

Canonical's Alejandro J. Cura had the great pleasure of reporting a few hours ago that the upcoming OTA-5 update for the Ubuntu Touch mobile operating system will get some attractive new features in the Unity 8 user interface. Read more

The July 2015 issue of the PCLinuxOS Magazine

With the exception of a brief period in 2009, The PCLinuxOS Magazine has been published on a monthly basis since September, 2006. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published by volunteers from the community. The magazine is lead by Paul Arnote, Chief Editor, and Assistant Editor Meemaw. The PCLinuxOS Magazine is released under the Creative Commons Attribution-NonCommercial-Share-Alike 3.0 Unported license, and some rights are reserved. Read more

The Linux Setup - Neil McGovern, Debian Project Leader

I’m the current Debian Project Leader—which is a very impressive title that boils down to being a figurehead for the Debian project. I first started getting involved with Debian in 2003, and have wended my way through various roles in the project, from designing t-shirts to being the Release Manager for the last three releases, Lenny, Squeeze and Wheezy. In my day job, I’m the engineering manager for Collabora, an open source software consultancy which is fairly similar—basically making sure that all the engineers are happy and helping unblock any problems that come along. Read more