Últimas notícias

Fique informado
SSL/TLS | New Attack on RC4-Based SSL/TLS Leverages 13-Year-Old Vulnerabilit

SSL/TLS | New Attack on RC4-Based SSL/TLS Leverages 13-Year-Old Vulnerabilit



Serviços prestados pelas Autoridades Certificadoras e de Registro da ICP-Brasil são considerados essenciais segundo decreto 10.282

Pelo decreto, são considerados essenciais os serviços relacionados a certificação digital ICP-Brasil: Art. 3º, §1º, XXI do Decreto nº 10.282/2020.


Em caráter de urgência ITI publica Instrução Normativa nº 2 para validação dos titulares dos certificados digitais por videoconferência

INSTRUÇÃO NORMATIVA Nº 02, DE 20 DE MARÇO DE 2020 Estabelece os procedimentos de confirmação de cadastro de requerente de certificado digital por meio de videoconferência.


Diretor-presidente do ITI alerta para a validade de certificados digitais de empresários brasileiros

Marcelo Buz do Instituto Nacional de Tecnologia da Informação – ITI alerta os empresários brasileiros para a validade do certificado digital.


SSL: Tipos de certificados para proteger seu site

Vale a pena ler esse artigo para entender o que

New Attack on RC4-Based SSL/TLS Leverages 13-Year-Old Vulnerabilit

Researchers at Imperva’s Application Defense Center have found a way to leverage a 13-year-old vulnerability in the RC4 cryptographic algorithm to recover partial information from SSL/TLS-protected communications.

Por Eduard Kovacs*

The Secure Sockets Layer (SSL) and the newer Transport Layer Security (TLS) cryptographic protocols are designed to provide authentication and secure communications. The protocols often leverage Rivest Cipher 4 (RC4), the most commonly used stream cipher, for protecting traffic.

However, over the past years, experts uncovered several flaws in RC4. Some of these issues made numerous headlines, but the vulnerability leveraged by Imperva in its attacks, dubbed the “Invariance Weakness,” has been in the shadows in the past 13 years, according to researchers.

Building on previous research, Imperva has managed to exploit the vulnerability for plaintext recovery attacks in which an attacker can extract partial data from protected communications, including payment card details, passwords, and session cookies. The attack, dubbed “Bar Mitzvah,” is similar to BEAST (Browser Exploit Against SSL/TLS), but it’s considered more stable.

In an attack scenario described by experts, the attacker intercepts a large number of SSL/TLS connections that use RC4, and waits until a weak key is found. The weak key can then be used to recover partial plain text data. Researchers have determined that one out of every 16 million RC4 keys is weak, and the number of attempts required to mount an attack is estimated to be 1 billion.

A malicious actor can only target the first 100 bytes of protected data. However, even partial data can be useful since it can facilitate brute-force attacks on sensitive information such as session cookies, passwords and credit card numbers, Imperva said.

In the non-targeted, passive version of the Bar Mitzvah attack, the attacker eavesdrops on the inbound traffic to a popular Web application. For every 1 billion connections, he can obtain one piece of sensitive information. However, in this scenario, the collected data belongs to random users and there is no way for the attacker to determine their identity.

An alternative attack scenario involves obtaining the 1 billion connections from a group of victims. This can be achieved by launching a man-in-the-middle attack against multiple users through DNS poisoning or a malicious hotspot.

“The security of RC4 has been questionable for many years, in particular its initialization mechanisms. However, only in recent years has this understanding begun translating into a call to retire RC4,” Imperva researchers wrote in their paper.

The chances of someone’s data getting compromised as a result of such an attack are small, but Imperva believes this vector should not be neglected. That is why the security firm advises administrators to disable RC4 in their apps’ configuration if possible. Users are advised to disable RC4 in their browsers, while browser vendors are urged to consider removing RC4 from their cipher lists. Microsoft, Mozilla and other organizations offer the same advice.

The complete Hacker Intelligence Initiative report from Imperva, titled “Attacking SSL when using RC4: Breaking SSL with a 13-year old RC4 Weakness,” is available online.

Nenhum comentário até agora

Ir para a discussão

Nenhum comentário ainda!

Você pose ser o primeiro a iniciar a discussão.