[nsp-sec] Implementation Defect in Many SSL/TLS Implementations
David Freedman
david.freedman at uk.clara.net
Mon Feb 4 16:12:54 EST 2013
(re-posted from another list with permission)
A new vulnerability has been identified in many SSL and TLS implementations
that are widely used including OpenSSL, NSS, GnuTLS, PolarSSL and CyaSSL.
Patches are currently available for some but not all implementations.
Paper: http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
Other Info: http://www.imperialviolet.org/2013/02/04/luckythirteen.html
http://www.isg.rhul.ac.uk/tls/index.html#Countermeasures has a list of
suggested workarounds if a patch is not available for a specific vendor.
TL;DR - There is a theoretical MITM attack on CBC that can decrypt some
or all of an SSL stream.
I believe there also exists some analysis undertaken on this; if you are
interested, please contact me off-list and I'll put you in touch with the
OP (I believe their company is on-list but the individual is not).
Dave.
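The leak the advisory refers to is in the receiver's handling of a CBC record, so here is an added illustration of it (my own example code, not taken from the post, the paper, or any of the implementations named above). A TLS CBC record decrypts to data || MAC || padding, and RFC 5246 tells a receiver that finds bad padding to still compute the MAC, treating the padding as zero-length. Done naively, the number of bytes fed to HMAC-SHA1, and therefore the number of SHA-1 compression-function calls, depends on the padding length the attacker can steer by flipping bytes in the preceding ciphertext block. Rather than measure wall-clock time, the code below counts compressions from the SHA-1 block structure, with the 13-byte TLS MAC header included; `check_record_vulnerable` shows the leak and `check_record_hardened` shows the usual countermeasure (a fixed-length padding sweep, dummy compressions up to the cost of the longest possible data, and a constant-time tag compare). Function names, the record layout, and the keys and prefix are assumptions made for the example; the decryption step itself is omitted because the leak is in the check that follows it.

```python
import hmac
import hashlib

MAC_LEN = 20   # HMAC-SHA1 tag, as in the TLS *_CBC_SHA cipher suites
HDR_LEN = 13   # seq_num(8) || type(1) || version(2) || length(2) prepended before MACing


def sha1_compressions(msg_len):
    """Compression-function calls SHA-1 needs for msg_len bytes (0x80 byte + 8-byte length, 64-byte blocks)."""
    return (msg_len + 9 + 63) // 64


def hmac_sha1_compressions(msg_len):
    """HMAC-SHA1: inner hash over the 64-byte ipad block plus the message, outer hash adds 2 calls."""
    return sha1_compressions(64 + msg_len) + 2


def mac_input(prefix, data):
    """prefix is the assumed 11-byte seq_num||type||version; the 2-byte length completes the 13-byte header."""
    return prefix + len(data).to_bytes(2, "big") + data


def build_record(data, mac_key, prefix, pad_len):
    """MAC-then-pad as in TLS CBC: data || HMAC || (pad_len + 1) bytes each equal to pad_len."""
    tag = hmac.new(mac_key, mac_input(prefix, data), hashlib.sha1).digest()
    return data + tag + bytes([pad_len]) * (pad_len + 1)


def check_record_vulnerable(rec, mac_key, prefix):
    """Naive receiver: bad padding -> treat as zero-length padding and MAC the rest.
    Returns (accepted, compressions). The compression count varies with pad_len: the Lucky 13 signal."""
    n = len(rec)
    pad_len = rec[-1]
    pad_ok = pad_len + 1 + MAC_LEN <= n and rec[n - pad_len - 1:] == bytes([pad_len]) * (pad_len + 1)
    if not pad_ok:
        pad_len = 0
    data_len = n - MAC_LEN - pad_len - 1
    data, tag = rec[:data_len], rec[data_len:data_len + MAC_LEN]
    mac_ok = hmac.new(mac_key, mac_input(prefix, data), hashlib.sha1).digest() == tag  # also a non-constant-time compare
    return pad_ok and mac_ok, hmac_sha1_compressions(HDR_LEN + data_len)


def check_record_hardened(rec, mac_key, prefix):
    """Countermeasure, modelled after the padding-oracle fixes: sweep a fixed window with masks instead of
    branching on pad_len, then pad the MAC work with dummy compressions up to the cost of the longest data
    this record could carry. Returns (accepted, compressions); the count is computed from the model."""
    n = len(rec)
    pad_len = rec[-1]
    max_data = n - MAC_LEN - 1
    bad = ((min(255, max_data) - pad_len) >> 8) & 1          # 1 iff pad_len exceeds what the record can hold
    for i in range(1, min(256, n)):                           # fixed-size sweep, independent of pad_len
        in_pad = ((i - pad_len - 1) >> 8) & 1                 # 1 iff byte i from the end is a padding byte
        bad |= in_pad & (((rec[n - 1 - i] ^ pad_len) + 255) >> 8)  # 1 iff that byte differs from pad_len
    pad_len &= bad - 1                                        # bad -> zero-length padding, without a branch
    data_len = n - MAC_LEN - pad_len - 1
    data, tag = rec[:data_len], rec[data_len:data_len + MAC_LEN]
    actual = hmac_sha1_compressions(HDR_LEN + data_len)
    target = hmac_sha1_compressions(HDR_LEN + max_data)       # cost when pad_len == 0
    filler = hashlib.sha1()
    for _ in range(target - actual):
        filler.update(b"\x00" * 64)                           # one dummy compression per full block
    expected = hmac.new(mac_key, mac_input(prefix, data), hashlib.sha1).digest()
    mac_ok = hmac.compare_digest(expected, tag)
    return mac_ok and bad == 0, target


if __name__ == "__main__":
    # Constructed sample: two 64-byte records, one with no padding, one with 15 bytes of padding.
    key = b"\x0b" * 20
    prefix = b"\x00" * 8 + b"\x17\x03\x03"
    rec_a = build_record(b"A" * 43, key, prefix, 0)
    rec_b = build_record(b"B" * 28, key, prefix, 15)
    tampered = rec_b[:-1] + bytes([rec_b[-1] ^ 0x01])   # what a CBC bit-flip in the previous block achieves
    for name, rec in (("pad 0", rec_a), ("pad 15", rec_b), ("pad 15, last byte flipped", tampered)):
        print(name, "vulnerable:", check_record_vulnerable(rec, key, prefix),
              "hardened:", check_record_hardened(rec, key, prefix))
```

In the vulnerable check the two genuine records of identical length cost 5 and 4 compressions, and flipping one padding byte moves the second record back to 5, which is exactly the per-record difference the attack amplifies over many trials; the hardened check reports 5 in all three cases. Python itself does not give constant-time guarantees, so the masks and dummy blocks show the structure of the fix rather than a drop-in implementation.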