Showing posts with label TLS. Show all posts

Tuesday, December 12, 2017

TLS-Attacker v2.2 and the ROBOT attack

We found out that many TLS implementations are still vulnerable to different variations of a 19-year-old Bleichenbacher attack. Since Hanno argued for having an attack name, we called it ROBOT: https://robotattack.org

Given the new attack variants, we released a new version of TLS-Attacker, 2.2, which covers the vulnerabilities we found.

Tuesday, May 3, 2016

Curious Padding oracle in OpenSSL (CVE-2016-2107)

Today, a new OpenSSL security advisory came out, and it patched my recent finding, a padding oracle in the AES-NI CBC MAC check (CVE-2016-2107).

In this post, I will give some background on this attack and how I found it. Before reading the whole post, note that this vulnerability is very hard to exploit (even though it was given a high severity score). Also note that it is not a new general padding oracle attack with a new logo. It is just an oracle coming from an invalid check of the decrypted message content, introduced specifically in OpenSSL (ok, if you really want a name for it, call it UnluckyHMAC ... because our HMAC is sad not to be able to validate the bytes :) ).

Friday, November 6, 2015

Playing with Certificates (from a Researcher's Perspective)

I often face the problem that I need to test several TLS servers. In order to make the tests consistent, I want to deploy the same keys and certificates on each server. However, this is not that easy, since there are several key formats and generation mechanisms. Deploying the same key to OpenSSL and JSSE servers is thus a huge pain...
In the following, I will give a brief overview of basic certificate types and a few conversion possibilities.

Wednesday, August 20, 2014

Old attacks on new TLS implementations - or how a tiny side channel can break your crypto

This week at USENIX Security my colleague Chris Meyer will present our latest research paper on TLS attacks: "Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks" (written by him, Eugen Weiss, Jörg Schwenk, Sebastian Schinzel, Erik Tews and me) [paper].
This blog post is intended for people who do not like boring, long research papers and would like to get a comprehensive summary of what's going on. As the title suggests, we developed some attacks on TLS implementations. In the following, I will try to give you an intuition behind these attacks and explain why they worked.
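Both the ROBOT post above and this 2014 paper summary concern Bleichenbacher's adaptive chosen-ciphertext attack on PKCS#1 v1.5 RSA key transport. The program below is an added worked example, not code from the original posts, the ROBOT site, the USENIX paper or TLS-Attacker: it runs the attack end to end against a toy RSA key. It assumes a deliberately small modulus (the product of the Mersenne primes 2^127-1 and 2^107-1, chosen so the run is deterministic and takes well under a second), a constructed sample message, and the strong "classic" oracle that answers only whether the decrypted block starts with 0x00 0x02. The oracles found by ROBOT and by the 2014 paper are weaker side channels, but the interval-narrowing logic they feed is exactly this one.

```python
"""Bleichenbacher's attack on PKCS#1 v1.5 RSA, worked on a toy key.

Added illustrative code, not from the original posts, ROBOT or TLS-Attacker.
Assumptions: a tiny modulus from two Mersenne primes, and the strong "classic"
oracle (does c^d mod n start with 00 02?). Real TLS oracles are weaker/noisier.
"""

# Toy key: p = 2^127 - 1 and q = 2^107 - 1 (Mersenne primes). Never use such a key size.
P = (1 << 127) - 1
Q = (1 << 107) - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # modular inverse, Python >= 3.8
K = (N.bit_length() + 7) // 8          # modulus length in bytes (30 here)
B = 1 << (8 * (K - 2))                 # conforming plaintext m satisfies 2B <= m < 3B


def ceil_div(a: int, b: int) -> int:
    return -(-a // b)


def pkcs1_pad(msg: bytes) -> int:
    """EME-PKCS1-v1_5: 00 02 <PS, >= 8 non-zero bytes> 00 <msg>, as an integer."""
    if len(msg) > K - 11:
        raise ValueError("message too long for this modulus")
    ps = bytes(i % 255 + 1 for i in range(K - 3 - len(msg)))  # fixed non-zero padding
    return int.from_bytes(b"\x00\x02" + ps + b"\x00" + msg, "big")


def pkcs1_unpad(m: int) -> bytes:
    """Strip the padding; raises on a non-conforming block."""
    em = m.to_bytes(K, "big")
    if em[:2] != b"\x00\x02":
        raise ValueError("non-conforming block")
    return em[em.index(b"\x00", 2) + 1:]


class PaddingOracle:
    """The leak: the server reveals only whether c^d mod n starts with 00 02."""

    def __init__(self) -> None:
        self.queries = 0

    def __call__(self, c: int) -> bool:
        self.queries += 1
        return pow(c, D, N).to_bytes(K, "big")[:2] == b"\x00\x02"


def _merge(intervals):
    """Union of closed integer intervals, sorted with overlaps merged."""
    out = []
    for lo, hi in sorted(intervals):
        if out and lo <= out[-1][1] + 1:
            out[-1] = (out[-1][0], max(out[-1][1], hi))
        else:
            out.append((lo, hi))
    return out


def bleichenbacher(c0: int, oracle) -> int:
    """Recover m = c0^d mod n using only the oracle (c0 itself must be conforming)."""
    if not oracle(c0):
        raise ValueError("c0 not conforming: the blinding step is not implemented here")
    M = [(2 * B, 3 * B - 1)]
    s = ceil_div(N, 3 * B)                 # step 2a: first s >= n/(3B) that conforms
    while not oracle(c0 * pow(s, E, N) % N):
        s += 1
    while True:
        narrowed = []                      # step 3: 2B <= m*s - r*n < 3B for some r
        for a, b in M:
            for r in range(ceil_div(a * s - 3 * B + 1, N), (b * s - 2 * B) // N + 1):
                lo = max(a, ceil_div(2 * B + r * N, s))
                hi = min(b, (3 * B - 1 + r * N) // s)
                if lo <= hi:
                    narrowed.append((lo, hi))
        M = _merge(narrowed)
        if len(M) == 1 and M[0][0] == M[0][1]:
            return M[0][0]                 # step 4: interval collapsed to the plaintext
        if len(M) > 1:                     # step 2b: several intervals, scan s linearly
            s += 1
            while not oracle(c0 * pow(s, E, N) % N):
                s += 1
        else:                              # step 2c: one interval, jump s to halve it
            a, b = M[0]
            r = ceil_div(2 * (b * s - 2 * B), N)
            while True:
                lo_s, hi_s = ceil_div(2 * B + r * N, b), (3 * B - 1 + r * N) // a
                hit = next((t for t in range(lo_s, hi_s + 1)
                            if oracle(c0 * pow(t, E, N) % N)), None)
                if hit is not None:
                    s = hit
                    break
                r += 1


def demo(message: bytes = b"attack at dawn") -> dict:
    """Encrypt a constructed message, then recover it with oracle queries only."""
    c = pow(pkcs1_pad(message), E, N)
    oracle = PaddingOracle()
    recovered = pkcs1_unpad(bleichenbacher(c, oracle))
    return {"recovered": recovered, "queries": oracle.queries}


if __name__ == "__main__":
    res = demo()
    print(res["recovered"], "recovered after", res["queries"], "oracle queries")
```

The attacker never sees a single decryption, only a yes/no answer per query, and every conforming multiplier s shrinks the candidate interval for m. That is why any observable difference between a conforming and a non-conforming PKCS#1 v1.5 block, whether an alert code, a timing difference or a dropped connection, is a complete break of the key exchange, and why TLS implementations must treat every decryption failure identically and continue the handshake with a random premaster secret.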
