HTTPS Websites Vulnerable to Decryption Attack

2009 0

Ars Technica reports that “more than 11 million websites and e-mail services protected by the transport layer security protocol are vulnerable to a newly discovered, low-cost attack that decrypts sensitive communications in a matter of hours and in some cases almost immediately, an international team of researchers warned Tuesday.” Craig Young, Security Researcher at Tripwire explains what needs to be done.

Craig Young, Cybersecurity Researcher at Tripwire :

“The continued use of obsolete cryptography tools needs to stop. Earlier this year we learned how the SLOTH attack could compromise privacy of TLS, VPN, and SSH services when the obsolete SHA-1 or MD5 hashing algorithms were used. Now we are seeing a practical attack capable of extracting private keys out of servers running the completely broken SSLv2 protocol. While security professionals have long since been advocating that SSLv2 should not be used anywhere and the payment card industry has banned its use, scans of the Internet are now revealing that a whopping 17% of HTTPS protected web sites have this technology accessible. OpenSSL is partly to blame for this as a flaw was recently patched showing how SSLv2 could still be accessible to an attacker even when all SSLv2 ciphers were disabled.  The team patched that issue with a low severity advisory back in January and has now released a subsequent patch to fully disable SSLv2 by default.

I would highly recommend that all server administrators perform scans of all services on their servers to check for the availability of SSLv2 as this problem is not just limited to HTTPS sites but can also pop up on mail or other servers using SSL. The attack in question involves an attacker repeatedly establishing SSLv2 sessions with a server and in the process leaking bits from the server’s private key due to problems in the protocol. Attackers would only need to make thousands of SSLv2 connections to the server as well as performing a reasonable amount of offline computation to fully extract the server key and start decrypting other sessions to the server. Naturally the decryption of other sessions requires that the attacker has some access to the network pipe but this is increasingly easy in an era where so many mobile devices have open wireless profiles. Administrators should also keep an eye open for floods of connections which may be indicative of someone attempting to perform a DROWN attack on their server.”

About Tripwire
Tripwire logoTripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.


Join the Conversation

Join the Conversation


In this article