Vulnerabilities / Threats

5/27/2014
05:40 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

SSL After The Heartbleed

Encryption gets a big wake-up call -- and a little more scrutiny.

Heartbleed wasn't the first security hole discovered in SSL deployments, and it won't be the last.

The discovery of the dangerous flaw in a widely deployed SSL software platform, OpenSSL, initially shook some confidence in SSL-encrypted websites and servers, but in the end it served as a healthy wake-up call for encryption deployments, security experts say. The vulnerability, which is in the software itself and not the Secure Sockets Layer/Transport Layer Security protocol, illuminated how encryption software isn't immune to coding errors.

SSL had been touted as the answer to all things privacy since Edward Snowden's leak of documents about controversial National Security Agency surveillance operations, but became a three-letter word in the wake of the Heartbleed vulnerability disclosure in April. Security experts say Heartbleed likely only scratched the surface of weaknesses in SSL software and implementations.

The good news for SSL/TLS encryption is that it's now under the research microscope, so software and the protocol itself will ultimately evolve into stronger and more secure versions.

"There have been bad bugs before, and there will be again. This [Heartbleed] is a particularly nasty bug we'll be dealing with for a while," says Dan Kaminsky, chief scientist at White Ops. "But it wasn't the end of the world. The 'worst' thing was that average users were told to change their passwords."

Encryption expert and security guru Bruce Schneier says Heartbleed didn't damage SSL or shake confidence in the encryption protocol. "I don't think Heartbleed changed anything. A vulnerability was found and fixed," Schneier says. "SSL was never a panacea... you've always got to raise the bar."

"SSL has always had a lot of problems. This is nothing new," he says.

Indeed, there have been SSL hacks before: In 2009, researchers exploited a known weakness in the algorithm in some SSL digital certificates to impersonate secure websites, and man-in-the-middle attacks such as SSLStrip emerged. And in 2011, there was the THS-SSL-DOS tool that basically knocked out an HTTPS-based server via a denial-of-service attack using a single laptop and a DSL connection. And there have been other SSL hacks researchers have demonstrated over the years.

SSL, meanwhile, has survived and remained the de facto encryption protocol. "The reason SSL has been so successful is that it's evolved" over the years, says Chris Bailey, general manager of trust services at Trend Micro."[The industry] definitely is going to be looking at flaws... and implementations more closely. Also, the underlying standards will benefit from a closer look."

There's always a new generation of cryptography waiting in the wings to replace existing algorithms, anyway, he says. "I think we're in a better state than we have been in several years with encryption," he says. "The whole Snowden thing... [generated] more active conversation. People are discussing and thinking about encryption and not just taking it for granted."

Heartbleed is a read-overrun bug in the implementation of the Transport Layer Security protocol's "heartbeat" extension, an extension to the protocol that checks on the site to which it is connecting to ensure it's connected and can respond. If exploited, the bug leaks the contents of the memory from the server to the client and vice versa, potentially exposing passwords and other sensitive data, and most alarmingly; the SSL server's private key. OpenSSL Versions 1.0.1 and 1.0.2 beta are affected by the vulnerability, which was discovered by security researchers at Google and Codenomicon, and OpenSSL since has issued an updated version of the software that fixes the bug.

[Debate arises over an older memory allocation feature in OpenSSL, and the OpenBSD community starts to tear down and revise the crypto software for its own use. Read Did A Faulty Memory Feature Lead To Heartbleed?.]

Caroline Wong, a director at Cigital, says the good news is that Heartbleed was a reality check for SSL. Namely, that because it's software, things can and will go wrong. "The root of the problem is human programming error," Wong says.

SSL is used today for encrypting communications sessions on the Web via websites, virtual private network, email, and instant messaging sessions. But most websites today do not use SSL -- or HTTP-S -- save for high-profile ones that include financial transactions or other sensitive traffic such as banks and retailers, for example. There are an estimated 3.3 million to 4 million SSL digital certificates in circulation on the public-facing Internet, according to a University of Michigan report.

Cost isn't a major hurdle for adopting SSL, experts say. Computing power isn't as expensive as it once was, and SSL isn't that much pricier than pure HTTP: it costs about $150 per year or less for an SSL certificate, says Michael Klieman, senior director of product management at Symantec.

"We believe that 'always-on' SSL, the notion of encrypting everything, is what we should strive for. Today's limited use of SSL presents implementation risks where, unknowingly, customers can leave critical data unencrypted," Klieman says. "The main barriers are really outdated beliefs and practices, which we're working hard to overcome. But this is not just up to certificate authorities. Internet providers, browser vendors and others in the ecosystem play a role in continuing to increase security on the Internet."

Adding SSL sometimes requires adjusting capacity, namely in the case of large sites, and of course, managing digital certificates. "For the vast [number of sites], it's a low cost threshold," Trend Micro's Bailey says. "I'm more in the camp of just go ahead and encrypt everything. I think it's good practice."

Not everyone agrees that SSL should be everywhere on the Web. "Why would you need SSL to go browse Flickr? Why would you need it everywhere?" says Ralph Logan, CEO of big-data analysis firm Kiku Software.

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
No SOPA
50%
50%
No SOPA,
User Rank: Ninja
5/29/2014 | 10:27:14 PM
Re: SSL and the Fallacies
@theb0x - agreed.  Love: TCP MAC option.

http://tools.ietf.org/html/draft-bittau-tcp-crypt-04#page-39
theb0x
50%
50%
theb0x,
User Rank: Ninja
5/29/2014 | 8:51:59 PM
Re: SSL and the Fallacies
I would like to see more development in something like tcpcrypt.
Sara Peters
50%
50%
Sara Peters,
User Rank: Author
5/28/2014 | 2:59:20 PM
Ugh
I kind of hate SSL. It's not exactly the technology that I hate. It's the faith people put in it. I think people think it's way better than it is, and I don't think we've done a very good job of telling the general public about what it really is and isn't. It's just "the browser bar is green, so you're perfectly safe, always, everywhere." I think most people give it too much credit.
No SOPA
50%
50%
No SOPA,
User Rank: Ninja
5/28/2014 | 4:37:00 AM
SSL and the Fallacies
Those familiar with the Fallacies of Distributed Computing [http://en.wikipedia.org/wiki/Fallacies_of_Distributed_Computing] may give pause to the statement "'always-on' SSL, the notion of encrypting everything, is what we should strive for".

As with any technology, the more encryption you lay over it, the harder cyber-criminals will work to crack it, from tricking users to accept a bad certificate, obtaining valid certificates and using them maliciously, SSLStrip (stripping away the S in HTTPS and dropping the using into masked HTTP), cracking SSL keys, to side-channel attacks like Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext [BREACH] which leverages compression and takes advantage of HTTP responses, which are compressed using mechanisms such as gzip; SSL will always be under attack.

Let's see some thoughtful and innovative approaches to the social side of the security and privacy problem first, before we simply throw more tech (or money) at it. 
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
New Free Tool Scans for Chrome Extension Safety
Dark Reading Staff 2/21/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1944
PUBLISHED: 2019-02-21
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-For...
CVE-2018-1945
PUBLISHED: 2019-02-21
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click act...
CVE-2018-1946
PUBLISHED: 2019-02-21
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the stronges...
CVE-2018-1947
PUBLISHED: 2019-02-21
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure withi...
CVE-2018-1948
PUBLISHED: 2019-02-21
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to...