Back to Contents

Computer Security



SSL/TLS

  • SSL -> Secure Socket Layer
  • TLS -> Transport Layer Security
  • provides

    • confidentiality
    • integrity
    • authenticity across the connection
  • They are basicallly the same protocol but different versions -- SSL is old TSL is new

  • Sequence:

    • Step 1: Client Hello -- sends algo details that it can support
    • Step 2: Server Hello -- confirms what protocol they are using
    • Step 3: Server Key exchange -- Server sends Digital Certificate
    • Step 4: Server Hello Done -- Over from server
    • Step 5: Client Key Exchange -- Clinet creates a secret key(symmetric) (random number) and sends it to server encrypted with servers public key. This creates a new session.
    • Step 6: Change Cipher Spec -- Begin Encrypted Communication
    • Step 7: Encrypted Handshake -- They are able to understand each other
  • Current version TLS1.2

  • version 1.3 is in draft mode



POODLE

  • aka Padding Oracle On Downgraded Legacy Encryption
  • protocol downgrade dance during SSL handshake
  • downgrade to SSL3.0 and exploit its weakness
  • During step 3 when clinet ends list of encrption systems, the middle man puts SSL3.0 on the top of the list and server agrees to it
  • Now client and server both agreed to communicate on SSL3.0
  • SSL3.0 uses RC4 stream cipher or AES in CBC mode
  • RC4 leaks information - breaks confidentiality
  • CBC encryption vulnerable to padding oracle attack -breaks everything
  • Fix

    • remove support for SSL 3.0
    • TLS_FALLBACK_SCSV mechanism -- TLS version should not fall more than one at a time. If a higher version is svailable then it rejects it.
    • ssl-poodle
  • Other Attacks:

    • Similarly-named certs
    • Side Channel Attack
    • BEAST - (Browser Exploit Against SSL/TLS)



Back to Contents