A pair of researchers have unveiled a serious new attack on web browser security.
The researchers used this week’s Ekoparty security conference in Buenos Aires to unveil a new tool that attacks TLS and SSL, the cryptographic protocols used to establish secure web connections.
The ability to crack encrypted web traffic removes the safety net that protects you when you’re doing sensitive online tasks like banking or using credit cards.
The tool, known as BEAST (Browser Exploit Against SSL/TLS), compromises TLS by exploiting a vulnerability that has been known about for years but which has been treated as a theoretical problem until now.
However, although researchers Thai Duong and Juliano Rizzo have significantly raised the stakes it’s probably too early to start hoarding tins of beans and donning our tin foil hats.
Right now the attack can take up to half an hour to execute. Although the researchers have hinted that this can be significantly reduced the fact is that if you have the malicious nature, time and access required to execute this attack then there are probably easier ways to exercise your criminal ambitions.
Even when governments attack weapons manufacturers, they don’t need to get any more high-tech then basic con tricks like spear-phishing.
The danger of BEASTly attacks against TLS has moved a little closer but we probably have enough time to react before it becomes practical.
A good start would be for browser and server vendors to pull their collective fingers out and start supporting versions 1.1 and 1.2 of TLS. Both of them have specific defences against this kind of attack but unfortunately support for them is poor.
Duong and Rizzo tipped off the major browser vendors about their findings months ago but so far the only response appears to have come from the folks at Chrome. A fix for the attack is currently under test in the development version of their browser.
If you run a web server and you’re concerned you may want to take a look at switching them so that they prefer the rc4-sha cipher. It’s widely supported and isn’t vulnerable to this kind of attack.
Although the BEAST attack is targeted at browsers there are plenty of other applications that rely on TLS, not least mail servers. Although BEAST isn’t targeted at them I’m sure it will have raised eyebrows and their vendors will be taking a keen interest. Keep an eye out for updates and advisories.
If you want to know more about how the attack actually works then I recommend you take a look at nickm’s excellent and accessible write-up over at the Tor project.
Excellent image of Trogdor courtesy of Mr. Usaji
6 comments on “Secure web browsing cracked by BEAST”
OMG.. https is the only way we keep secure. now it also got cracked
HTTPS by itself wouldn't provide 100% protection, since it only shows you've securely connected to something. That something could be an attacker relaying traffic between the browser and the server. That's why it's important to check certificates.
The Trogdor pumpkin picture is priceless. Well-chosen.
I am so glad you liked it. And here's a link for the uninitiated: http://www.homestarrunner.com/sbemail58.html
I use ssh “-D” (dynamic proxy) from my linux laptop frequently to proxy my browser sessions outbound. Note that, at least for google chrome, you must also turn off “DNS prefetch” in preferences/under this hood otherwise all your DNS lookups will not proxied potentially spilling your browsing history to the local administrator.
The exploit code given in the paper relies on HTML 5 WebSockets to gain enough control of the connection.
However (though this is hard to tell as the WebSocket API is a mess), it looks like the browser should be preventing that connection due to the same-origin policy (i.e. the port has changed).
This attack could be considered a bug in the WebSocket implementation.
Though if it is also exploitable from Java and Silverlight that is potentially more serious (though both of them really should have a same-origin policy too).