Last Updated: 2011-09-25 02:08:01 UTC
by Mark Hofman (Version: 1)
I was hoping for a more official release of the document, but you will be able to find the document and the sample decrypt java code here http://www.insecure.cl/Beast-SSL.rar .
The paper is an interesting read. To me it outlined the weakness in using CBC very nicely and the attack is well described. Certainly one of the more readable crypto papers I've come across. I will suggest you read it whilst well fed, and rested.
So is SSL/TLS dead?
How to fix it?
Well the easiest would be for web sites and browsers to stop using TLS v1.0, but as Rob points out in a previous diary http://isc.sans.edu/diary.html?storyid=11629 That may not be as easy as we think. The only other choice we have is to start disabling those ciphers that utilise CBC, but that may not work either as there are precious few cypher suites available that do not use CBC. Using stream ciphers will address the issue, but may introduce new ones (RC4 has its own weakness).
Chrome has already addressed the issue and the fix on the browser side is quite simple and elegant. We'll see the other browsers implement something similar over the next few weeks. That doesn't fix the protocol, but it will help address the immediate issue of clients being attacked in this manner.
If you do want to change the cipher defaults, in Windows world, you will need to make some registry changes.
This key and subkeys control how the ciphers are used.
This article http://support.microsoft.com/kb/245030 explains how to change protocols and weak cyphers (make sure you test in a test bed first).
As things develop, we will keep you posted.
Mark - Shearwater
New Comments closed for all Diaries older than two(2) weeks
Please send your comments to our Contact Form