Meyer, Christopher ; Somorovsky, Juraj ; Weiss, Eugen ; Schwenk, Jörg ; Schinzel, Sebastian ; Tews, Erik (2014)
Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks.
San Diego, CA, USA
Conference publication, Bibliography
Abstract
As a countermeasure against the famous Bleichenbacher attack on RSA based ciphersuites, all TLS RFCs starting from RFC 2246 (TLS 1.0) propose “to treat incorrectly formatted messages in a manner indistinguishable from correctly formatted RSA blocks”. In this paper we show that this objective has not been achieved yet (cf. Table 1): We present four new Bleichenbacher side channels, and three successful Bleichenbacher attacks against the Java Secure Socket Extension (JSSE) SSL/TLS implementation and against hardware security appliances using the Cavium NITROX SSL accelerator chip. Three of these side channels are timing-based, and two of them provide the first timing-based Bleichenbacher attacks on SSL/TLS described in the literature. Our measurements confirmed that all these side channels are observable over a switched network, with timing differences between 1 and 23 microseconds. We were able to successfully recover the PreMasterSecret using three of the four side channels in a realistic measurement setup.
Item type: | Conference publication |
---|---|
Published: | 2014 |
Author(s): | Meyer, Christopher ; Somorovsky, Juraj ; Weiss, Eugen ; Schwenk, Jörg ; Schinzel, Sebastian ; Tews, Erik |
Entry type: | Bibliography |
Title: | Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks |
Language: | German |
Year of publication: | August 2014 |
Publisher: | USENIX Association |
Book title: | Proceedings of the 23rd USENIX conference on Security Symposium |
Series: | SEC'14 |
Event location: | San Diego, CA, USA |
ID number: | TUD-CS-2014-1099 |
Department(s)/field(s): | Profile Areas; Profile Areas > Cybersecurity (CYSEC) |
Date deposited: | 21 Aug 2017 13:51 |
Last modified: | 22 Jan 2019 10:37 |