New denial of service tool knocks out encrypting servers

A group calling itself The Hacker's Choice (THC) has released a tool that enables a single computer to disable an encrypting server. The concept used by the tool is based on forcing the server to renegotiate the key used for encryption.

Encrypting and decrypting payload data for services such as https is not particularly resource-hungry. Where an https connection gets really resource-intensive is in establishing the SSL connection, which involves key negotiation. This is, in part, because data encryption is carried out using highly efficient symmetric algorithms such as AES. To negotiate the AES session key, however, SSL needs to use resource-intensive asymmetric algorithms such as RSA. This is due both to the specific mathematical process involved and the key length required – AES, for example, requires 128 or 256 bits, whereas RSA requires 1024 or even 2048 bit keys.

THC's new SSL-DoS tool makes use of this to generate huge loads on https servers using a minimum of bandwidth. After establishing a connection, it repeatedly requests renegotiation of the key. In doing so it can generate up to 1,000 connections in parallel. According to THC, this means that a standard laptop is able to disable an "average server" via a single broadband connection. Of particular concern is the fact that this is not limited to web servers, but can also be used to attack email services and other servers which use encrypted SSL connections.

One workaround is to disable key renegotiation in SSL settings – few clients use this feature anyway. Doing so will indeed thwart THC's tool, but it does not address the fundamental problem. THC notes that the program can easily be modified to deal with this – and apparently has been. The source code contains a reference to a private version with extended functionality. The modified version is apparently able to knock out an entire server farm with SSL load balancing using just 20 computers.

The reason the tool has now been had an "official" public release appears to be because it was reportedly "leaked to the public a couple of months ago". In a posting about the release, THC members go on about civil rights, freedom of speech and the unsatisfactory nature of SSL security in general, without really making clear the connection between these issues and the release of their tool.

It is, however, true that the wound into which THC are rubbing salt is an old one. In doing so they are adding fuel to discussions on the future of SSL-based encryption. In recent months, SSL has been in the news in relation to fake certificates and hacks at certificate authorities which have combined to undermine faith in the hierarchical trust model. Last month's successful attacks on the actual encryption and now this DoS tool, which raises questions about the reliability of all SSL services, have shown that the technical foundations of SSL are far from solid.

In the short-term, however, affected administrators' appreciation for this is likely to be muted. Anyone downloading and running the tool should, however, be aware that its use against external systems may constitute a criminal offence and is likely to be traceable.

(crve)