Tool cracks SSL cookies in just ten minutes

On Friday, 23 September, at the Ekoparty security conference in Buenos Aires, researchers Juliano Rizzo and Thai Duong are planning to present a tool known as BEAST (Browser Exploit Against SSL/TLS). The tool allows an attacker on the same network to intercept and decrypt SSL cookies by performing a 'blockwise-adaptive chosen-plaintext' attack on encrypted packets.

The attacker has to get the browser to send some data to the remote site over the encrypted channel. Since the attacker now has both plain and encrypted text, they are able to determine the entropy used, significantly reducing the work involved in cracking the encryption. According to comments made by Rizzo to The Register, BEAST is now able to crack an encrypted PayPal cookie in less than ten minutes.

The secret lies in the way that it manipulates packets – HTTPS pages are in fact adequately protected by their encryption. The researchers have said only that BEAST is based on JavaScript which has to be injected into the victim's browser. The rest is done by a network sniffer. Exactly how the latter works has not yet been made clear and has already triggered a lively debate within the security community.

The attack only works where communication is encrypted with TLS version 1.0 – version 1.1, which was adopted in 2006, is not vulnerable to this attack. In practice, however, nearly all HTTPS connections continue to make use of TLS 1.0. OpenSSL is used on a large number of servers, but only version 1.0.1, a development release, currently supports the newer TLS 1.1 standard. No specific remedies for this problem are available at present.

(crve)