Triple Handshake Cookie Cutter

Published: 2014-03-04. Last Updated: 2014-03-04 20:42:44 UTC
by Daniel Wesemann (Version: 1)
2 comment(s)

Researches have released a paper describing several vulnerabilities in TLS (Transport Layer Security). Some of the attacks have been known for a while, but the paper combines and explains them nicely, and also adds a couple of really clever new ideas. The tricks rely on cutting sessions off and re-starting them in a way that client and server end up with a different (security) state. The full research is available here https://secure-resumption.com/. The good news is that (a) the main impact is apparently limited to connections that use client-side certificates, which is rare, and (b) the researchers have informed the browser vendors early on, and some browsers and TLS libraries are already patched.

Keywords: Renegotiation TLS
2 comment(s)

Comments

Rare is not unimportant. Client side certificates are important for the more sensitive applications, such as firmware reflashing of modern avionics gear!
Some encryption and authentication certificates are picked up using sessions with client side certificates.

Diary Archives