Two researchers, Julian Rizzo and Thai Duong, recently accounted the discovery of a new attack that allows them to exploit a vulnerability in TLS 1.0/SSL 3.0, the successor to the secure sockets layer technology.
This is particularly noteworthy, because of how frequently these security measures are used to protect data we share online.
Secure Sockets Layer: A brief history
Many of you have probably at least heard of Secure Sockets Layer (SSL), an Internet encryption implementation that allows a browser-based user the ability to communicate private information with content sensitive web applications such as bank and e-commerce sites.
You may also be familiar with the URL address indication of SSL protection – where the standard http (Hypertext Transfer Protocol) URL prefix on a URL is replaced with https (Hypertext Transfer Protocol Secure).
SSL was originally released in 1995 (SSL 2.0) and has subsequently been revised to SSL 3.0 in 1996. An upgrade to SLL, Transport Layer Security (TLS 1.0) was introduced in 1999, with the ability to support SSL 3.0. Subsequent versions of TLS (3.2) and SSL (3.3) were introduced in 2008. The term “SSL” is still commonly used, even when TLS is actually the encryption implementation.
Finding flaws in SSL
With a number of upgrades since it was first created, you might be wondering why SSL is still subjects to threats like that proposed by Rizzo and Duong. In order to answer that question, there are a number of facts to consider.
First, it is important to note that older browsers may not support the newer versions of SSL and TLS protocols. When a browser connects with an SSL enabled severer, the browser and server negotiate the most secure encryption protocol (in other words, the most recent) and use that version throughout the life of the secured browser session.
It is also important to understand that browser/server sessions, secure or not, rely on browser remembered state information (HTTP cookies) that must be passed to the server during each information exchange to remind the server of the condition of the user’s browser. During a secure session it is essential that the information in a cookie not only be encrypted (making it invisible to hackers) but also tamper-proof so that a hacker cannot fool either the user browser or the server.
A detrimental vulnerability
With this background in place, it may now be possible to understand magnitude of the problem should a security flaw be found in the encryption of communication sessions or the HTTP cookies that support these sessions. This also makes the September 19, 2011 statement by Thai Duong and Juliano Rizzo, indicating that have found a means to break into encrypted cookies during secure sessions, a serious concern.
Even though this flaw only affects older encryption protocols (TLS 1.0 and below, including SSL 3.0 and below) we should understand that this hack still has the potential to exploit the vast majority of browsers currently in place (theoretically all browsers that would be required to negotiate a secure session using TLS 1.0 and below).
Though alarming and potentially detrimental, in the ever-changing world of computer security, a vulnerability like this is not entirely uncommon. Internet security continually progresses through cycles of “uncrackable” security measures where flaws are eventually found.
These discoveries typically result in much worry and new security techniques are developed to replace the old, flawed techniques. The potential issues surrounding the TLS 1.0 encryption protocols, if true, will certainly cause a great deal of excitement. Though we’ve seen this kind of excitement before, I’m sure that we can expect to see experts quickly rush to quickly determine how to best fill in the gaps.
Outdated browsers, malware and clever hackers—what is your biggest concern regarding web security? Let us know by leaving a comment below.