Password interception in a SSL/TLS channel
Brice Canvel, LASEC Memo 02/2003
http://lasecwww.epfl.ch/memo_ssl.shtml
K. Stoeckigt (ksto033@ec.auckland.ac.nz)

Summary/Overview
Combine two attacks, a man-in-the-middle attack and a side-channel attack, and take the opportunity to get someone’s email password.

Critical Comments
• The memo is inconsistent in what it assumes the reader already knows about security, networking and computer science → information gap
• “SSL stands for Secure Sockets Layer and TLS stands for Transport Layer Security. These are methods for hiding the information two parties send to each other,…”
• “Then, when using a block cipher in CBC mode, the concatenated string MES|MAC is padded with padding PAD such that MES|MAC|PAD|LEN is of…”

Critical Comments (II)
• The connection between the explanation of the timing attack and the dictionary and brute-force methods, and the attack in practice, is not obvious
• Neither timing data nor the dictionary and brute-force methods are mentioned in the “final” explanation
• The attack is possible, but very complex
• Man-in-the-middle attack: the hacker must be able to intercept the connection between client and server → this is not easy

Critical Comments (III)
• No further explanation of the graph (What is 0 – 800? What kind of diagram is it?)

The Attack in Practice
• User checks email using a secure connection (Outlook checks mail every 5 minutes → hacker has a free session every 5 minutes)
• Hacker intercepts the connection (the connection is redirected by DNS spoofing; man-in-the-middle attack)
• Email client sends login/password to the server: XXXX LOGIN “username” “password” <13><10><MAC><PAD><LEN>
• Hacker tries to decrypt the authentication method using a multisession version of CBC-PAD (side-channel attack)
[Diagram: Client (running MS Outlook Express 6.x), Hacker, IMAP Mail Server]

Conclusion
• It is just a memo → much information is missing
• The attack is possible, but it costs a huge amount of effort to attack the system
• “Full report available soon” → not until June
• Countermeasures have been released (for OpenSSL)
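
Added example (not from the memo, the slides or OpenSSL): the MES|MAC|PAD|LEN layout from the "Attack in Practice" slide, and a receiver that handles bad padding and a bad MAC identically, which is the generally recommended countermeasure for this kind of padding side channel. Assumptions: 8-byte block size, HMAC-SHA1 computed over MES only (real TLS also covers the sequence number and record header), and a constructed key and login line; Python gives no timing guarantee, so this shows the control flow only.

```python
import hashlib
import hmac
from typing import Optional

BLOCK = 8      # assumed cipher block size in bytes
MAC_LEN = 20   # HMAC-SHA1 tag length

# Constructed sample values, following the slide's placeholder login line.
SAMPLE_KEY = b"constructed-mac-key"
SAMPLE_LOGIN = b'XXXX LOGIN "username" "password"\r\n'


def build_record(mac_key: bytes, mes: bytes) -> bytes:
    """Lay out MES|MAC|PAD|LEN so the total is a multiple of BLOCK.

    Every PAD byte and the LEN byte carry the padding length.
    """
    body = mes + hmac.new(mac_key, mes, hashlib.sha1).digest()
    pad_len = -(len(body) + 1) % BLOCK
    return body + bytes([pad_len]) * pad_len + bytes([pad_len])


def check_record(mac_key: bytes, record: bytes) -> Optional[bytes]:
    """Return MES when padding and MAC are both valid, otherwise None.

    The MAC is computed even when the padding is wrong, and both failures
    produce the same result, so the peer cannot tell them apart.
    """
    if len(record) < MAC_LEN + 1 or len(record) % BLOCK:
        return None
    pad_len = record[-1]
    pad_ok = pad_len + 1 + MAC_LEN <= len(record)
    pad_ok = pad_ok and hmac.compare_digest(
        record[-(pad_len + 1):-1], bytes([pad_len]) * pad_len)
    if not pad_ok:
        pad_len = 0  # treat as zero-length padding so the MAC still runs
    end = len(record) - 1 - pad_len
    mes, mac = record[:end - MAC_LEN], record[end - MAC_LEN:end]
    expected = hmac.new(mac_key, mes, hashlib.sha1).digest()
    mac_ok = hmac.compare_digest(mac, expected)
    return mes if (pad_ok and mac_ok) else None


if __name__ == "__main__":
    rec = build_record(SAMPLE_KEY, SAMPLE_LOGIN)
    print(len(rec), rec[-1], check_record(SAMPLE_KEY, rec))
```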

Question
• What else do you need to know to determine if your system is vulnerable?
• Do you think this vulnerability is also a MS problem?