PhoneFactor Blog
Steve Dispensa

Slaying BEAST: Mitigating the latest SSL/TLS Vulnerability

Posted September 23, 2011 by Steve Dispensa

Not even two years after Marsh and I described the renegotiation flaw, TLS and SSL have been hit again. The attack, dubbed BEAST by researchers, was described by Rizzo and Duong at the ekoparty security conference. It allows an adversary to decrypt parts of the encrypted data stream, potentially leading to session hijacking, information disclosure, and more. The concept behind the attack had been previously described, but it was thought at the time to be impractical.

The problem lies in the way that block ciphers are used in SSL/TLS. Block ciphers are generally operated in one of several modes that define how encrypted blocks are manipulated to ensure complete confidentiality. Cipher Block Chaining, or CBC mode, is used in SSL for all block ciphers, including AES and Triple-DES. The BEAST attack relies on a weakness in the way CBC mode is used in SSL and TLS. Non-CBC cipher suites, such as those using the RC4 stream encryption algorithm, are not vulnerable.

There have been several suggested mitigations that can be put into play from the perspective of the client, such as reorganizing the way the data is sent in the encrypted stream. Servers can protect themselves by requiring a non-CBC cipher suite. One such cipher suite is rc4-sha, which is widely supported by clients and servers.
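The difference between preferring and requiring a non-CBC suite can be checked before a configuration change goes live. The following is an added example, not taken from this post or the PhoneFactor white paper: it classifies OpenSSL-style suite names by mode and simulates which suite each client would negotiate. It goes slightly beyond the RC4 case by also recognizing AEAD suites (GCM, CCM, ChaCha20) as non-CBC; the client offers and server lists are constructed samples.

```python
# Added example: audit which cipher mode each client would negotiate.
# Suite names follow OpenSSL naming; all lists below are constructed samples.

AEAD_MARKERS = ("GCM", "CCM", "CHACHA20")
BLOCK_MARKERS = ("AES", "DES", "CAMELLIA", "SEED", "IDEA", "ARIA")


def mode_of(suite):
    """Return 'aead', 'stream', 'cbc' or 'unknown' for a suite name."""
    tokens = suite.upper().split("-")
    if any(t.startswith(AEAD_MARKERS) for t in tokens):
        return "aead"
    if "RC4" in tokens:
        return "stream"
    if any(t.startswith(BLOCK_MARKERS) for t in tokens):
        return "cbc"  # block cipher without an AEAD mode: CBC in SSL/TLS
    return "unknown"


def negotiate(server, client, server_preference=True):
    """Pick the suite a handshake would select, or None if nothing overlaps."""
    first, second = (server, client) if server_preference else (client, server)
    return next((s for s in first if s in second), None)


def audit(server, clients, server_preference=True):
    """Map each client name to (suite, mode); mode is 'refused' on no overlap."""
    result = {}
    for name, offered in clients.items():
        suite = negotiate(server, offered, server_preference)
        result[name] = (suite, mode_of(suite) if suite else "refused")
    return result


CLIENTS = {  # constructed client offers, in client preference order
    "client_a": ["AES128-SHA", "RC4-SHA", "DES-CBC3-SHA"],
    "client_b": ["AES128-SHA", "DES-CBC3-SHA"],  # no RC4 support
}
MIXED = ["AES256-SHA", "AES128-SHA", "DES-CBC3-SHA", "RC4-SHA"]
PREFER_RC4 = ["RC4-SHA", "AES128-SHA", "DES-CBC3-SHA"]
REQUIRE_RC4 = ["RC4-SHA"]

if __name__ == "__main__":
    for label, cfg in [("mixed", MIXED), ("prefer", PREFER_RC4), ("require", REQUIRE_RC4)]:
        print(label, audit(cfg, CLIENTS))
```

A server that only prefers RC4 still lands on a CBC suite for clients that do not offer it, and for every client if server ordering is not honored; requiring it refuses those clients instead.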

To assist with the necessary server reconfiguration, PhoneFactor has produced a white paper describing the process. Please note that it is just a recommendation that we feel would work for most sites, but it is important for you to evaluate our suggestions in light of your actual architecture.

Download Whitepaper
Download Associated Text File

In the end, TLS is still among the most widely deployed security protocols, and the fact that it’s had a difficult couple of years is an indicator of just how many eyeballs are pointed at it. It’s still always safer to use a public, highly analyzed cryptosystem than to invent one from scratch, as attacks like BEAST show just how difficult it can be to get it right.

- Steve
