Attacks/Breaches
8/5/2013
11:47 AM
Connect Directly
RSS
E-Mail
50%
50%

HTTPS Hackable In 30 Seconds: DHS Alert

Department of Homeland Security urges all website operators to review whether they're vulnerable to new crypto attack. No easy fix exists.

9 Android Apps To Improve Security, Privacy
9 Android Apps To Improve Security, Privacy
(click image for larger view)
Security experts are warning website operators to test whether their HTTPS traffic is vulnerable to a new crypto attack that can be used to grab sensitive information.

The so-called BREACH attack -- short for Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext -- was detailed in a Department of Homeland Security (DHS) "BREACH vulnerability in compressed HTTPS" advisory, issued Friday, which warned that "a sophisticated attacker may be able to derive plaintext secrets from the ciphertext in an HTTPS stream." All versions of the transport layer security (TLS) and secure sockets layer (SSL) protocols are vulnerable.

Full details of the vulnerability were first unveiled Thursday at the Black Hat conference in Las Vegas by Salesforce.com lead product security engineer Angelo Prado, Square application security engineer Neal Harris, and Salesforce.com lead security engineer Yoel Gluck. Their man-in-the-middle HTTPS crypto attack involves watching "the size of the cipher text received by the browser while triggering a number of strategically crafted requests to a target site," according to exploit details provided by Prado to DHS. "To recover a particular secret in an HTTPS response body, the attacker guesses character by character, sending a pair of requests for each guess. The correct guess will result in a smaller HTTPS response," he said.

[ Read how Facebook just fixed a big security hole: How To Hack Facebook In 60 Seconds. ]

With repetition, an attacker can guess the exact secret. "In practice, we have been able to recover CSRF tokens with fewer than 4,000 requests," said Prado. "A browser like Google Chrome or Internet Explorer is able to issue this number of requests in under 30 seconds, including callbacks to the attacker command and control center."

Prado told Dark Reading that the group's research builds on the Compression Ratio Info-leak Made Easy (CRIME) exploit discovered last fall by security researchers Juliano Rizzo and Thai Duong, who had previously discovered the Browser Exploit Against SSL/TLS (BEAST) attack. The new attack could be used to surreptitiously retrieve user IDs, email addresses, some types of authentication tokens, password-reset links and more from sites secured using HTTPS.

Prado and his fellow researchers have promised to release a related tool to allow businesses to test whether their sites are susceptible to a BREACH-style attack.

Their attack is the latest exploit that demonstrates that so-called secure HTML pages aren't always fully secure. "When you're designing security protocols, you can implement cryptography properly, but you cannot always provide perfect confidentiality," said Prado. "When you mix a lot of protocols into the stack, there might be other layers in the stack that might be overly permissive, and then you might be able to compromise the entire trust relationship."

On the upside, the vulnerabilities outlined by the trio would need to be targeted on a site-by-site basis. For any compromised site, visitors would then be at risk of having their secret details compromised.

But Prado said that numerous sites are at risk, and that crafting a related HTTPS fix would likely be "nontrivial." Still, the DHS advisory details mitigation strategies that businesses can employ, which include disabling HTTP compression such as gzip, as well as randomizing the secrets being transmitted in any particular request.

"HTTPS remains a good method of transmitting data online, but it certainly isn't perfect," AppRiver security analyst Jon French told the British Computer Society. "'Many researchers and hackers are constantly trying to find flaws within the HTTPS protocol precisely because so many people rely on it. As a result, while BREACH is the latest tool for intercepting HTTPS traffic, it's not the only one out there."

Still, the BREACH exploit vector carries caveats. "Researchers say that attackers must have access to passively monitor the target's Internet traffic," French said. "In most cases, monitoring would have to be done locally on the same network -- and that adds a layer of difficulty for hackers."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
David F. Carr
50%
50%
David F. Carr,
User Rank: Apprentice
8/6/2013 | 1:58:55 PM
re: HTTPS Hackable In 30 Seconds: DHS Alert
"locally on the same network" == sitting in the same coffee shop on the same wireless network? Not such a rare scenario
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2006-1318
Published: 2014-09-19
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."

CVE-2012-2588
Published: 2014-09-19
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Enterprise 6.5 allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, or (3) Subject header or (4) body in an SMTP e-mail message.

CVE-2012-6659
Published: 2014-09-19
Cross-site scripting (XSS) vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-1391
Published: 2014-09-19
QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding.

CVE-2014-3614
Published: 2014-09-19
Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) 3.6.x before 3.6.1 allows remote attackers to cause a denial of service (crash) via an unknown sequence of malformed packets.

Best of the Web
Dark Reading Radio