Slashdot Mirror

← Back to Stories (view on slashdot.org)

Man-In-the-Middle Vulnerability For SSL and TLS

Posted by Soulskill on from the alphabet-soup dept.

imbaczek writes "The SSL 3.0+ and TLS 1.0+ protocols are vulnerable to a set of related attacks which allow a man-in-the-middle (MITM) operating at or below the TCP layer to inject a chosen plaintext prefix into the encrypted data stream, often without detection by either end of the connection. This is possible because an 'authentication gap' exists during the renegotiation process, at which the MitM may splice together disparate TLS connections in a completely standards-compliant way. This represents a serious security defect for many or all protocols which run on top of TLS, including HTTPS."

5 of 170 comments (clear)

  1. Re:We need to invest in Quantum Physics. by PiSkyHi · · Score: 5, Funny

    Come on moderators, its a joke - Yes, I realise its both funny and not funny at the same time.

  2. Its a quantum man in the middle attack by Viol8 · · Score: 5, Funny

    Its the same man in all 3 places.

  3. Re:Dissabling SSL re-negotiation? by dopodot · · Score: 5, Informative

    It's more than changing the cipher type, it's also negotiating up from anonymous client to verified client. The second situation occurs ALL THE TIME in web services that require different levels of trust for different content within the same site. So it's not a "seldom-used" feature in the least.

  4. Re:Wrong Impression? by John+Hasler · · Score: 5, Insightful

    You pay money to certificate providers so that your customers won't be frightened away by scary browser warnings.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  5. Re:Dissabling SSL re-negotiation? by Anonymous Coward · · Score: 5, Informative

    "But let me ask this : who would ever require SSL renegotiation in practice?"

    from,

    http://h71000.www7.hp.com/doc/83final/ba554_90007/ch04s03.html

    SSL renegotiation is useful in the following situations, once you have established an ordinary SSL session:

            * When you require client authentication
            * When you are using a different set of encryption and decryption keys
            * When you are using a different set of encryption and hashing algorithms

    The last two are kind of useless in practice. The first one is very useful to authenticate the client. Actually, if this is the only way to verify client cert, then SSL renegotiation is vital part of SSL.