Another SSL Attack – But Don’t Panic
SSL and TLS, the security protocols that protect most of our banking and ecommerce transactions, are a complicated beast – more so due to the many options they offer.
Ars Technica, in an article titled “Noose around Internet’s TLS system tightens with two new decryption attacks”, discussed a paper presented at Black Hat Asia that describes a new attack, dubbed the Bar Mitzvah attack (do researchers have contests to come up with strange names?) due to the fact that it has been around for 13 years.
As Ars reports, RC4, named after crypto pioneer Ron Rivest of RSA, has been known to be weak for years. But weak is a relative term. One attack, from 2013, required the attacker to see 17 billion encryptions of the same text to reveal SOME of the data in the encrypted stream.
Now researchers have improved that attack. With only 67 million encryptions, they can recover passwords 50% of the time.
Now, with a new attack presented at Black Hat Asia and dubbed the Bar Mitzvah attack, attackers need to sample around a billion encryptions to recover a credit card number.
RC4 is used by around 30 percent of internet TLS (HTTPS) traffic.
As I said above, SSL and its newer cousin TLS have many options. Some say too many options. While these attacks don’t seem to present a huge problem, if the first attack went from 17 billion encryptions to 67 million in a year, what will next year bring?
The simple solution – like we did for the FREAK attack earlier this year – is to disable known weak ciphers. But this must be done on the server side for web sites to know they are secure, and there is no way for the customer of a bank, for example, to easily know that the bank has disabled these older, weaker protocols. With the FREAK attack, one method of delivery would be for a user of a public WiFi router to be forced to use the weak protocols as a result of a man-in-the-middle attack at that public WiFi access point.
This is why I recommend to NEVER do your banking over a hotel or coffee shop WiFi. There is a new attack today against a very popular hotel WiFi system (see news here) for which there is a patch. However, the researchers who revealed the attack did not say, for security reasons, which hotels of which chains run that system, and users have no way of knowing if the hotel has applied the patch.
All this means that IT shops need to spend more time and effort caring for and feeding the security components of their server farms.
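The server-side step described above, disabling known weak ciphers, can be checked against a web server's configuration. The following is an added example, not part of the original post: it scans nginx `ssl_ciphers` and Apache `SSLCipherSuite` lines and reports whether RC4 and export-grade (FREAK) suites are explicitly excluded. The sample config lines are constructed, and the function names `audit_cipher_string` and `audit_config` are hypothetical.

```python
import re

# Families the post says to disable: RC4 (Bar Mitzvah) and export-grade suites (FREAK).
WEAK = {"RC4": re.compile(r"RC4"), "EXPORT": re.compile(r"^EXP")}
DIRECTIVE = re.compile(r"^\s*(ssl_ciphers|SSLCipherSuite)\s+(.+?)\s*;?\s*$", re.I)

def audit_cipher_string(spec):
    """Return {family: verdict} for an OpenSSL cipher string.
    excluded: killed with '!', which no later token can undo
    enabled:  named explicitly and not killed
    implicit: left to aliases (ALL, DEFAULT, ...) and the OpenSSL build; review by hand
    """
    state = {family: "implicit" for family in WEAK}
    for token in re.split(r"[:, ]+", spec.strip("\"'")):
        if not token:
            continue
        op = token[0] if token[0] in "!-+" else ""
        # 'kRSA+RC4' joins keywords with '+'; suite names such as RC4-SHA use '-'.
        parts = re.split(r"[+-]", token[len(op):])
        for family, pat in WEAK.items():
            if state[family] == "excluded" or not any(pat.search(p) for p in parts):
                continue
            if op == "!":
                state[family] = "excluded"
            elif op == "":
                state[family] = "enabled"
            elif op == "-":  # removed for now; a later alias may re-add it
                state[family] = "implicit"  # ('+' only reorders, so no change)
    return state

def audit_config(text):
    """Return [(line_number, verdicts)] for every cipher directive in a config file."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        m = DIRECTIVE.match(line)
        if m:
            findings.append((n, audit_cipher_string(m.group(2))))
    return findings

SAMPLE = """\
# constructed sample lines, not taken from any real server
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:RC4-SHA:!aNULL;
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:!RC4:!EXPORT:!aNULL";
ssl_ciphers ALL:EXP-RC4-MD5;
"""

if __name__ == "__main__":
    for n, verdicts in audit_config(SAMPLE):
        print(f"line {n}: {verdicts}")
```

Only a line where both families come back `excluded` is safe regardless of the OpenSSL version behind it; `implicit` means the outcome depends on what the aliases expand to on that build.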
M