Slashdot Mirror


Google Prepares Fix To Stop SSL/TLS Attacks

OverTheGeicoE writes "It was reported Tuesday that researchers had found a way to break the most commonly used SSL/TLS encryption in browsers. According to the Register, Google is pushing out a patch to fix the problem. The patch doesn't involve adding support for TLS 1.1 or 1.2. FTFA: 'The change introduced into Chrome would counteract these attacks by splitting a message into fragments to reduce the attacker's control over the plaintext about to be encrypted. By adding unexpected randomness to the process, the new behavior in Chrome is intended to throw BEAST off the scent of the decryption process by feeding it confusing information.' The fix is supposedly in the latest developer version of Chrome."

3 of 122 comments

  1. Speculation on the attack by dachshund · Score: 4, Informative

    I had posted this in another thread, but in case it's helpful --- this is my best guess on how the attack works in detail:

    http://practicalcrypto.blogspot.com/2011/09/brief-diversion-beast-attack-on-tlsssl.html

  2. Re:TLS 1.1 or 1.2? by Kjella · Score: 1, Informative

    AC said it, the standard may be many years old but no released version of OpenSSL supports anything higher than TLS 1.0....

    --
    Live today, because you never know what tomorrow brings
  3. Re:TLS 1.1 or 1.2? by dachshund · Score: 5, Informative

    It's not only the browsers that need to support the newer versions of these protocols, but also the servers.

    Maybe not. It appears that OpenSSL in 0.9.6d implemented a "fix" to TLS 1.0 that may not require a change to the server. The basic idea is that the browser injects message prefixes into the stream as a kind of "fake" IV, to keep the JavaScript from having control of which messages get encrypted. This may stop the attack.

    Furthermore, if the prefixes are formatted in a certain way --- total speculation --- it may be possible to get the server to filter them out even if it's not running the same software. Anyway, I can't imagine how OpenSSL would implement this fix if the servers don't support it. But I admit I'm just catching up on this aspect.

    Here's a brief post describing the "fix":

    http://article.gmane.org/gmane.network.openvpn.user/32566

    And my speculation on how the attack works, in detail:

    http://practicalcrypto.blogspot.com/2011/09/brief-diversion-beast-attack-on-tlsssl.html
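
An added illustration, not part of the thread or any poster's code: a small model of the "fake IV" prefix idea discussed above, showing that with TLS 1.0's chained CBC IV a caller who sees the last wire block can fix the exact input to the block cipher, and that a prefix record sent first removes that control. Assumptions: the names `ChainedCbcSender` and `caller_controls_cipher_input` are hypothetical, an HMAC-based PRF stands in for the block cipher, and the prefix is modelled as a record containing only a MAC and padding.

```python
import hashlib, hmac, os

BLOCK = 16

def prf_block(key, block):
    # Stand-in for the block cipher (assumption): HMAC-SHA256 truncated to one
    # block. Enough to model the encryption side of CBC; it is not a real cipher.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class ChainedCbcSender:
    """Hypothetical model of a TLS 1.0 CBC write state: each record's IV is the
    last ciphertext block of the previous record, which is visible on the wire."""

    def __init__(self, prefix_records):
        self.enc_key, self.mac_key = os.urandom(16), os.urandom(20)
        self.seq = 0
        self.iv = os.urandom(BLOCK)      # last block already seen on the wire
        self.prefix_records = prefix_records
        self.cipher_inputs = []          # every block fed to the cipher

    def _record(self, payload):
        first = len(self.cipher_inputs)
        mac = hmac.new(self.mac_key, self.seq.to_bytes(8, "big") + payload,
                       hashlib.sha1).digest()
        self.seq += 1
        data = payload + mac
        pad = BLOCK - len(data) % BLOCK
        data += bytes([pad - 1]) * pad   # TLS-style padding
        for i in range(0, len(data), BLOCK):
            self.cipher_inputs.append(xor(data[i:i + BLOCK], self.iv))
            self.iv = prf_block(self.enc_key, self.cipher_inputs[-1])
        return first                     # index of this record's first block

    def send(self, payload):
        if self.prefix_records:
            self._record(b"")            # prefix record: MAC and padding only
        return self._record(payload)

def caller_controls_cipher_input(prefix_records):
    sender = ChainedCbcSender(prefix_records)
    sender.send(b"earlier traffic")      # constructed sample data
    wanted = bytes(BLOCK)                # cipher input the caller aims for
    chosen = xor(wanted, sender.iv)      # uses the IV visible before sending
    first = sender.send(chosen + b" rest of message")
    return sender.cipher_inputs[first] == wanted

if __name__ == "__main__":
    print("chained IV only:", caller_controls_cipher_input(False))
    print("with prefix record:", caller_controls_cipher_input(True))
```

In the prefixed case the IV for the data record is the encryption of a block containing a keyed MAC, which does not exist until after the message has been handed to the sender.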