Major vulnerability in SSL authentication
Marsh Ray and Steve Dispensa of PhoneFactor discovered a serious vulnerability in SSL, the most common data security protocol on the Internet. The SSL Authentication Gap allows an attacker to mount a man-in-the-middle attack, and affects the majority of SSL-protected servers on the Internet.
Specifically, the vulnerability allows the attacker to inject himself into the authenticated SSL communications path and execute commands. Furthermore, both the web server and the web browser generally have no idea their session has been hijacked.
The vulnerability results from a weakness in the SSL protocol standard (formally known as Transport Layer Security, or TLS). As such, most SSL implementations are vulnerable in one way or another. Affected scenarios include web surfers doing online banking, back-office systems using web services-based protocols, and non-HTTP applications such as some mail servers, database servers, and so on.
“Because this is a protocol vulnerability, and not merely an implementation flaw, the impacts are far-reaching,” said Steve Dispensa, CTO of PhoneFactor. “All SSL libraries will need to be patched, and most client and server applications will, at a minimum, need to include new copies of SSL libraries in their products. Most users will eventually need to update any software that uses SSL.”
To address the issue, the PhoneFactor team organized a working group of affected vendors, together with representatives from the appropriate standards committees. The group reached a consensus on how to address the underlying issue with the SSL Standard and patch the SSL libraries and also created a set of recommended methods for mitigating the vulnerability.
“The discovery of this vulnerability speaks to a larger issue with single channel authentication protocols,” said Dispensa. “While this vulnerability is larger in scope than many, man-in-the-middle attacks have been a known threat for some time. Out-of-band protocols should be considered when possible to help mitigate the risk of these attacks.”