SSL/TLS | New Attack on RC4-Based SSL/TLS Leverages 13-Year-Old Vulnerability

March 29, 2015



Researchers at Imperva’s Application Defense Center have found a way to leverage a 13-year-old vulnerability in the RC4 cryptographic algorithm to recover partial information from SSL/TLS-protected communications.

By Eduard Kovacs*

The Secure Sockets Layer (SSL) and the newer Transport Layer Security (TLS) cryptographic protocols are designed to provide authentication and secure communications. The protocols often leverage Rivest Cipher 4 (RC4), the most commonly used stream cipher, for protecting traffic.

However, over the past years, experts have uncovered several flaws in RC4. Some of these issues made numerous headlines, but the vulnerability leveraged by Imperva in its attacks, dubbed the “Invariance Weakness,” has been in the shadows for the past 13 years, according to researchers.

Building on previous research, Imperva has managed to exploit the vulnerability for plaintext recovery attacks in which an attacker can extract partial data from protected communications, including payment card details, passwords, and session cookies. The attack, dubbed “Bar Mitzvah,” is similar to BEAST (Browser Exploit Against SSL/TLS), but it’s considered more stable.

In an attack scenario described by experts, the attacker intercepts a large number of SSL/TLS connections that use RC4, and waits until a weak key is found. The weak key can then be used to recover partial plaintext data. Researchers have determined that one out of every 16 million RC4 keys is weak, and the number of attempts required to mount an attack is estimated to be 1 billion.

A malicious actor can only target the first 100 bytes of protected data. However, even partial data can be useful since it can facilitate brute-force attacks on sensitive information such as session cookies, passwords and credit card numbers, Imperva said.

In the non-targeted, passive version of the Bar Mitzvah attack, the attacker eavesdrops on the inbound traffic to a popular Web application. For every 1 billion connections, he can obtain one piece of sensitive information. However, in this scenario, the collected data belongs to random users and there is no way for the attacker to determine their identity.

An alternative attack scenario involves obtaining the 1 billion connections from a group of victims. This can be achieved by launching a man-in-the-middle attack against multiple users through DNS poisoning or a malicious hotspot.

“The security of RC4 has been questionable for many years, in particular its initialization mechanisms. However, only in recent years has this understanding begun translating into a call to retire RC4,” Imperva researchers wrote in their paper.

The chances of someone’s data getting compromised as a result of such an attack are small, but Imperva believes this vector should not be neglected. That is why the security firm advises administrators to disable RC4 in their apps’ configuration if possible. Users are advised to disable RC4 in their browsers, while browser vendors are urged to consider removing RC4 from their cipher lists. Microsoft, Mozilla and other organizations offer the same advice.
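One way to confirm that this advice has taken effect, as an added example that is not from the original article or from Imperva's report: the Python below reads the cipher suite a server selected from a captured ServerHello record and flags RC4 suites. The code points come from the IANA TLS registry; the helper names and the sample records are constructed for this example.

```python
# RC4 cipher suite code points from the IANA TLS registry (a subset of those
# prohibited by RFC 7465). The table is part of this added example.
RC4_SUITES = {
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x0018: "TLS_DH_anon_WITH_RC4_128_MD5",
    0xC002: "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
    0xC007: "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
    0xC00C: "TLS_ECDH_RSA_WITH_RC4_128_SHA",
    0xC011: "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
    0xC016: "TLS_ECDH_anon_WITH_RC4_128_SHA",
}


def selected_suite(record: bytes) -> int:
    """Return the cipher suite code point chosen in a TLS ServerHello record.

    Assumes the ServerHello is the first handshake message in the record and
    is not fragmented across records.
    """
    # record header: type(1) version(2) length(2); handshake: type(1) length(3)
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x02:
        raise ValueError("not a handshake record carrying a ServerHello")
    hello = record[9:9 + int.from_bytes(record[6:9], "big")]
    # body: server_version(2) random(32) session_id_len(1) session_id suite(2)
    if len(hello) < 35 or len(hello) < 37 + hello[34]:
        raise ValueError("truncated ServerHello")
    off = 35 + hello[34]
    return int.from_bytes(hello[off:off + 2], "big")


def audit(record: bytes) -> str:
    """Report whether the server negotiated an RC4 suite."""
    suite = selected_suite(record)
    name = RC4_SUITES.get(suite)
    return f"FAIL 0x{suite:04X} {name}" if name else f"ok 0x{suite:04X}"


def make_server_hello(suite: int, session_id: bytes = b"") -> bytes:
    """Build a constructed, minimal TLS 1.2 ServerHello as sample input."""
    hello = b"\x03\x03" + bytes(32) + bytes([len(session_id)]) + session_id
    hello += suite.to_bytes(2, "big") + b"\x00"  # null compression
    hs = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x03" + len(hs).to_bytes(2, "big") + hs


if __name__ == "__main__":
    for s in (0x0005, 0xC02F):  # RC4-SHA vs. ECDHE-RSA-AES128-GCM-SHA256
        print(audit(make_server_hello(s, b"\xAA" * 32)))
```

Feed `audit()` the first server-to-client handshake record from a packet capture of your own service; any `FAIL` line means the server still selects RC4 for that client.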

The complete Hacker Intelligence Initiative report from Imperva, titled “Attacking SSL when using RC4: Breaking SSL with a 13-year old RC4 Weakness,” is available online.
