You may have heard about the latest SSL vulnerabilities over the last month, but how do they work and what do they mean for you (or your users)?

When I earlier described how SSL works, I glossed over two SSL functions: session resumption and re-negotiation. These two functions allow a client or server to renegotiate an SSL connection if they decide they want to use new keys. Session resumption allows the client to use a previous session ID, and have this happen faster – without renegotiating new keying material.

These optional protocols allow a man-in-the-middle (MITM) attack. The MITM gets authentication information from the client headers (through sniffing, DNS spoofing, etc.) and replays those to the server – asking for renegotiation. The server complies, and now the attacker is the “client” of the server, and the “server” to the client – using the previous client’s authentication information. All implementations have this particular problem.

There is also another attack that depends on the configuration of the server, but is part of the protocol as well. When the server allows different authentication for different paths and one path requires client authentication, a MITM can take advantage of this. The client makes a request, but since the server doesn’t know yet whether client authentication is required, it has to negotiate the connection without client authentication. Once the server determines that the request is for a path requiring client authentication, the server renegotiates the connection – and it uses the client’s original request (GET/POST/etc.) – meaning it can be replayed.
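The path-based case above, as an added example that is not from the original post: a simplified Python model (no real crypto or networking) of a server that buffers a request, renegotiates for a client certificate, and then either carries on with the buffered request or refuses to credit it with an identity proven only afterwards. The `Connection` class, the `epoch` counter, the `/secure/` prefix, the 403 response and the sample request are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

PROTECTED_PREFIX = "/secure/"  # assumed: the one path that requires a client certificate


@dataclass
class Connection:
    """Toy model of the server's view of one SSL connection (no real crypto)."""
    epoch: int = 0                      # incremented by every renegotiation
    client_cert: Optional[str] = None   # identity proven in the current epoch
    buffered: List[Tuple[int, str]] = field(default_factory=list)

    def receive(self, request_line: str) -> None:
        # Record which epoch the request bytes arrived in.
        self.buffered.append((self.epoch, request_line))

    def renegotiate(self, cert_subject: str) -> None:
        self.epoch += 1
        self.client_cert = cert_subject


def needs_client_cert(request_line: str) -> bool:
    return request_line.split()[1].startswith(PROTECTED_PREFIX)


def serve(conn: Connection, cert_subject: str, replay_buffered: bool) -> dict:
    """Handle the most recently buffered request.

    replay_buffered=True models the behaviour described above: after the
    renegotiation the server carries on with the request it already had.
    replay_buffered=False refuses to credit a request with an identity that
    was only proven in a later epoch.
    """
    arrived_in, request = conn.buffered[-1]
    if needs_client_cert(request) and conn.client_cert is None:
        conn.renegotiate(cert_subject)
    if arrived_in != conn.epoch and not replay_buffered:
        return {"status": 403, "identity": None, "request": request}
    return {"status": 200, "identity": conn.client_cert, "request": request}


def demo(replay_buffered: bool) -> dict:
    conn = Connection()
    # Constructed sample: request bytes arrive before any client authentication.
    conn.receive("POST /secure/transfer HTTP/1.1")
    # The certificate holder authenticates only in the renegotiation that follows.
    return serve(conn, "CN=alice", replay_buffered)
```

With `replay_buffered=True` the request that arrived in epoch 0 is served under the identity established in epoch 1, which is the mis-attribution the paragraph describes; with `False` the server fails closed.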

These attacks can allow someone to insert themselves between you and an SSL-protected site – like your online bank – without either the client or server knowing. And that little lock on your web browser that says you’re connected to the correct site? Meaningless. This is bad. The good thing about these particular attacks is that the attacker has to have compromised your network (or the server’s) in order to get in the middle, but with recent DNS attacks, that’s no longer impossible.

Each Tuesday, Security Musings features a topic to help educate our readers about security.