TU Darmstadt / ULB / TUbiblio

Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks

Meyer, Christopher ; Somorovsky, Juraj ; Weiss, Eugen ; Schwenk, Jörg ; Schinzel, Sebastian ; Tews, Erik (2014)
Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks.
San Diego, CA, USA
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

As a countermeasure against the famous Bleichenbacher attack on RSA based ciphersuites, all TLS RFCs starting from RFC 2246 (TLS 1.0) propose “to treat incorrectly formatted messages in a manner indistinguishable from correctly formatted RSA blocks”. In this paper we show that this objective has not been achieved yet (cf. Table 1): We present four new Bleichenbacher side channels, and three successful Bleichenbacher attacks against the Java Secure Socket Extension (JSSE) SSL/TLS implementation and against hardware security appliances using the Cavium NITROX SSL accelerator chip. Three of these side channels are timingbased, and two of them provide the first timing-based Bleichenbacher attacks on SSL/TLS described in the literature. Our measurements confirmed that all these side channels are observable over a switched network, with timing differences between 1 and 23 microseconds. We were able to successfully recover the PreMasterSecret using three of the four side channels in a realistic measurement setup.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2014
Autor(en): Meyer, Christopher ; Somorovsky, Juraj ; Weiss, Eugen ; Schwenk, Jörg ; Schinzel, Sebastian ; Tews, Erik
Art des Eintrags: Bibliographie
Titel: Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks
Sprache: Deutsch
Publikationsjahr: August 2014
Verlag: USENIX Association
Buchtitel: Proceedings of the 23rd USENIX conference on Security Symposium
Reihe: SEC'14
Veranstaltungsort: San Diego, CA, USA
Kurzbeschreibung (Abstract):

As a countermeasure against the famous Bleichenbacher attack on RSA based ciphersuites, all TLS RFCs starting from RFC 2246 (TLS 1.0) propose “to treat incorrectly formatted messages in a manner indistinguishable from correctly formatted RSA blocks”. In this paper we show that this objective has not been achieved yet (cf. Table 1): We present four new Bleichenbacher side channels, and three successful Bleichenbacher attacks against the Java Secure Socket Extension (JSSE) SSL/TLS implementation and against hardware security appliances using the Cavium NITROX SSL accelerator chip. Three of these side channels are timingbased, and two of them provide the first timing-based Bleichenbacher attacks on SSL/TLS described in the literature. Our measurements confirmed that all these side channels are observable over a switched network, with timing differences between 1 and 23 microseconds. We were able to successfully recover the PreMasterSecret using three of the four side channels in a realistic measurement setup.

ID-Nummer: TUD-CS-2014-1099
Fachbereich(e)/-gebiet(e): Profilbereiche
Profilbereiche > Cybersicherheit (CYSEC)
Hinterlegungsdatum: 21 Aug 2017 13:51
Letzte Änderung: 22 Jan 2019 10:37
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen