The SSL/TLS protocols are frequently attacked, and understanding past attacks informs your knowledge as a defender and helps you secure current systems.
So here's a summary of the common attacks targeting these SSL/TLS from
Below are my notes about the attacks on BEAST/Heartbleed/Poodle.
Browser Exploit Against SSL/TLS (BEAST)/2011
- MitM attack that impacted SSL 3.0 and TLS 1.0
- Depends on block ciphers (CBC mode) used by TLS.
- Vulnerable to a chosen-plaintext attack.
- BEAST - exploit for CVE-2011-3389
Heartbleed/2012/2014
- Vulnerability found in the heartbeat extension of OpenSSL library.
- Causes leakage of data in unencrypted form, including sensitive credentials and documents.
- OpenSSL (the vulnerable versions were between 1.0.1 and 1.0.1f)
- Doesn't leave any abnormal traces in logs.
Padding Oracle On Downgraded Legacy Encryption (POODLE)/2014
- Flaw in SSL 3.0.
- The attack requires a MitM position, which in turn requires a separate attack to obtain.
- Essentially, the message is hashed before sending and again at the receiving end, and the recomputed hash is compared to ensure message integrity, but the padding is not covered by that hash.
- Brute-forcing SSL outright is practically impossible, but this attack allows recovering each byte after a maximum of 256 attempts per byte. That means an attacker could compromise a session cookie or other sensitive information in a few minutes.
Attack and Mitigation
| Attack | Vulnerability | Mitigation |
|---|---|---|
| BEAST | CVE-2011-3389 | Upgrade to TLS 1.1 and above |
| Heartbleed | CVE-2014-0160 | Upgrade OpenSSL (avoid versions between 1.0.1 and 1.0.1f) |
| POODLE | CVE-2014-3566 | Disable SSL 3.0 |
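As an added example (not from the original notes), the following Python turns the mitigation table into a configuration audit: it checks an OpenSSL version string against the Heartbleed range and maps the protocol versions and cipher suites a server offers to the BEAST and POODLE rows. The protocol names and IANA-style suite names are assumed input formats; the fix in OpenSSL 1.0.1g is a known fact, and the sample configuration at the bottom is constructed.

```python
import re

# Heartbleed (CVE-2014-0160) affected OpenSSL 1.0.1 through 1.0.1f; 1.0.1g fixed it.
HEARTBLEED_BRANCH = "1.0.1"
HEARTBLEED_FIXED_LETTER = "g"

# Accepts "1.0.1f", "OpenSSL 1.0.1e-fips 11 Feb 2013", "1.0.2k" and similar.
_VERSION_RE = re.compile(r"(?:OpenSSL\s+)?(\d+\.\d+\.\d+)([a-z]*)(?:[-\s].*)?")


def openssl_version_vulnerable_to_heartbleed(version: str) -> bool:
    """True if the OpenSSL version falls in the 1.0.1 .. 1.0.1f range."""
    m = _VERSION_RE.fullmatch(version.strip())
    if not m:
        raise ValueError(f"unrecognised OpenSSL version: {version!r}")
    base, letter = m.groups()
    if base != HEARTBLEED_BRANCH:          # 0.9.8, 1.0.0, 1.0.2 were never affected
        return False
    return letter < HEARTBLEED_FIXED_LETTER  # "" (plain 1.0.1) up to "f"


def audit_tls_config(protocols, cipher_suites, openssl_version):
    """Return (attack, CVE, mitigation) findings for an observed configuration.

    protocols: protocol names the server offers, e.g. {"SSLv3", "TLSv1.0", "TLSv1.2"}
    cipher_suites: offered suite names, e.g. "TLS_RSA_WITH_AES_128_CBC_SHA"
    """
    findings = []
    if "SSLv3" in protocols:
        findings.append(("POODLE", "CVE-2014-3566", "Disable SSL 3.0"))
    # BEAST needs a CBC suite negotiated under SSL 3.0 or TLS 1.0.
    cbc_offered = any("_CBC_" in suite for suite in cipher_suites)
    if cbc_offered and ({"SSLv3", "TLSv1.0"} & set(protocols)):
        findings.append(("BEAST", "CVE-2011-3389", "Upgrade to TLS 1.1 and above"))
    if openssl_version_vulnerable_to_heartbleed(openssl_version):
        findings.append(("Heartbleed", "CVE-2014-0160",
                         "Upgrade OpenSSL (avoid versions between 1.0.1 and 1.0.1f)"))
    return findings


if __name__ == "__main__":
    # Constructed sample: a legacy server offering SSL 3.0, TLS 1.0 and a CBC suite.
    sample = audit_tls_config({"SSLv3", "TLSv1.0", "TLSv1.2"},
                              ["TLS_RSA_WITH_AES_128_CBC_SHA"], "1.0.1c")
    for attack, cve, fix in sample:
        print(f"{attack:10} {cve}  ->  {fix}")
```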
Links: