TLS Connections Vulnerable

Thursday, May 21, 2015 @ 05:05 PM gHale

There is a new type of attack that can compromise secure communication between a client and a server by downgrading the TLS connection, researchers said.

The exploit takes advantage of a weakness in the Transport Layer Security (TLS) protocol, including weak variants of the Diffie-Hellman cryptographic key exchange mechanism used by web and mail servers as well as other secure services, researchers said.


Diffie-Hellman allows two parties unknown to each other to agree on encryption keys securely over a public channel. This permits exchanging secure messages (IM, email) by encrypting them with ephemeral keys that can unlock only a part of the conversation.

The method used in the attack, which researchers are calling Logjam, first came to light with the FREAK bug: someone in a position to intercept the secure traffic could force the use of weak RSA keys for the SSL/TLS encryption.

This was possible because of a now-abandoned policy from 1990, which required the implementation of “export-grade” cryptography in the SSL protocol by adding weak cipher suites (marked with the prefix “EXP”) that relied on easy-to-break encryption keys.

The same applied to Diffie-Hellman: a weak, export-grade version became available (the DHE_EXPORT cipher suites), which did not allow keys stronger than 512 bits, and such keys can be broken by experts in just hours.
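The parameter check a TLS client can run on the ServerKeyExchange before accepting a DHE group, as an added example that is not code from the original article or from the Logjam researchers: it parses the ServerDHParams wire format from RFC 5246 and refuses export-grade (512-bit) or otherwise undersized moduli. The sample moduli, the 2048-bit floor and the function names are assumptions made for this illustration.

```python
import struct

MIN_ACCEPTABLE_BITS = 2048  # what a hardened client should insist on today (assumed floor)
EXPORT_GRADE_BITS = 512     # the ceiling imposed by the DHE_EXPORT suites

def _read_opaque16(buf, off):
    # One TLS opaque<1..2^16-1> field: 2-byte big-endian length, then the bytes.
    if off + 2 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from("!H", buf, off)
    off += 2
    if n == 0 or off + n > len(buf):
        raise ValueError("bad opaque length")
    return buf[off:off + n], off + n

def parse_server_dh_params(msg):
    # ServerDHParams (RFC 5246 7.4.3): dh_p, dh_g, dh_Ys, each length-prefixed.
    p, off = _read_opaque16(msg, 0)
    g, off = _read_opaque16(msg, off)
    ys, _ = _read_opaque16(msg, off)
    return tuple(int.from_bytes(x, "big") for x in (p, g, ys))

def encode_server_dh_params(p, g, ys):
    # Inverse of the parser; used here only to build sample messages.
    out = b""
    for v in (p, g, ys):
        raw = v.to_bytes((v.bit_length() + 7) // 8, "big")
        out += struct.pack("!H", len(raw)) + raw
    return out

def assess_dh_group(p, g, ys, min_bits=MIN_ACCEPTABLE_BITS):
    # Reasons a client should refuse this group; an empty list means acceptable.
    problems = []
    bits = p.bit_length()
    if bits <= EXPORT_GRADE_BITS:
        problems.append(f"export-grade modulus ({bits} bits): Logjam-class downgrade")
    elif bits < min_bits:
        problems.append(f"modulus too small ({bits} bits < {min_bits})")
    if p % 2 == 0:
        problems.append("modulus is even, so it cannot be prime")
    if not 1 < g < p - 1:
        problems.append("generator out of range")
    if not 1 < ys < p - 1:
        problems.append("server public value out of range")
    return problems

# Constructed sample moduli, sized for the bit-length check only (not real primes).
WEAK_P = (1 << 511) | 1      # 512-bit odd value, export-grade size
STRONG_P = (1 << 2047) | 1   # 2048-bit odd value
```

A client that applies `assess_dh_group` and aborts the handshake on any reported problem cannot be talked into the 512-bit group even if a server or an interceptor offers it.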

According to the blog post, 8.4 percent of the top one million domains are vulnerable to Logjam attacks because they still support the “export-grade” Diffie-Hellman variants, as are SMTP email servers using StartTLS (14.8 percent), secure POP3 servers (8.9 percent) and secure IMAP servers (8.4 percent).

Some Web browsers also suffer from the issue: Chrome and Firefox are susceptible to the Logjam attack, while Internet Explorer is immune.

Apart from support for export-grade versions, the researchers also found that servers rely on “standardized, hardcoded, or widely shared parameters,” which makes large-scale attacks cheap, they said in a report detailing the Diffie-Hellman problems.

According to the research, “just two 512-bit primes account for 92 percent of Alexa Top 1M domains that support DHE_EXPORT, and 93 percent of all servers with browser-trusted certificates that support DHE_EXPORT,” with the most popular prime found on 564,000 Apache web servers.

Beyond this, the researchers discovered weak primes (512-bit or lower) in non-export versions of the mechanism on 2,631 servers with browser-trusted certificates; 118 of them were in the top one million domains.
