POODLE abbreviates to Padding Oracle On Downgraded Legacy Encryption.
This vulnerability was discovered by Bodo Möller, Thai Duong & Krzysztof Kotowicz from the Google security team.
It has been listed in the NVD (National Vulnerability Database).
The most severe problem of CBC encryption in SSL 3.0 is that its block cipher padding is not deterministic and is not covered by the MAC (Message Authentication Code): thus, the integrity of the padding cannot be fully verified when decrypting.
Some Transport Layer Security (TLS) implementations are also vulnerable to the POODLE attack.
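The padding point above, shown on constructed plaintext blocks as an added example (not code from the original post): the SSL 3.0 rule checks only the pad-length byte, so many different final blocks decrypt as "valid", while the TLS 1.x rule pins every pad byte to one value. Block size and the sample bytes are assumptions; no cipher or MAC is involved.

```python
"""Why SSL 3.0 CBC padding cannot be verified: the SSL 3.0 and the
TLS 1.x padding rules applied to constructed final plaintext blocks.
Added example, not code from the original post."""

BLOCK = 8  # constructed: block size of a 64-bit block cipher such as 3DES


def ssl3_padding_ok(block: bytes) -> bool:
    """SSL 3.0 rule: only the final byte (the pad length) is checked and
    must be less than the block size. The pad bytes themselves are
    arbitrary, and because the MAC covers only the payload, a changed pad
    byte is not detected by the MAC check either."""
    pad_len = block[-1]
    return pad_len < BLOCK


def tls_padding_ok(block: bytes) -> bool:
    """TLS 1.0+ rule: every padding byte must equal the pad-length byte,
    so the padding is deterministic and a corrupted block is rejected."""
    pad_len = block[-1]
    if pad_len + 1 > len(block):
        return False
    return all(b == pad_len for b in block[-(pad_len + 1):])


def padding_variants_accepted(rule, pad_len: int) -> int:
    """Count how many of 256 candidate final blocks (pad-length byte fixed
    to `pad_len`, pad bytes all set to one varying value) a rule accepts.
    SSL 3.0 accepts all 256; TLS accepts exactly one for pad_len >= 1."""
    accepted = 0
    for candidate in range(256):
        filler = bytes([candidate]) * pad_len    # the pad bytes
        data = b"\x00" * (BLOCK - pad_len - 1)   # constructed payload bytes
        block = data + filler + bytes([pad_len])
        if rule(block):
            accepted += 1
    return accepted


if __name__ == "__main__":
    # Constructed block: four payload bytes, three garbage pad bytes, pad length 3.
    sample = b"\x00\x00\x00\x00\xaa\xbb\xcc\x03"
    print("SSL 3.0 accepts garbage padding:", ssl3_padding_ok(sample))   # True
    print("TLS rejects garbage padding:   ", not tls_padding_ok(sample))  # True
    print("SSL 3.0 variants accepted:", padding_variants_accepted(ssl3_padding_ok, 7))
    print("TLS variants accepted:    ", padding_variants_accepted(tls_padding_ok, 7))
```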
Systems Affected
All systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable.
Impact
The POODLE attack can be used against any system or application that supports SSL 3.0 with CBC mode ciphers. This affects most current browsers and websites, but also includes any software that either references a vulnerable SSL/TLS library (e.g. OpenSSL) or implements the SSL/TLS protocol suite itself. By exploiting this vulnerability in a likely web-based scenario, an attacker can gain access to sensitive data passed within the encrypted web session, such as passwords, cookies and other authentication tokens that can then be used to gain more complete access to a website (impersonating that user, accessing database content, etc.).
Solution
There is currently no fix for the vulnerability in SSL 3.0 itself, as the issue is fundamental to the protocol; however, disabling SSL 3.0 support in system/application configurations is the most viable solution currently available.
References:
https://www.openssl.org/~bodo/ssl-poodle.pdf
https://www.youtube.com/watch?v=p2vG23Yz51I
https://www.youtube.com/watch?v=_CUzV0_AH9s
Few Basic Concepts:
Cryptography:
Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries).
Various aspects of information security, such as data confidentiality, data integrity, and authentication, are central to modern cryptography.
Encryption: Hiding Data
Two types of encryption keys:
Symmetric - each peer uses the same key to encrypt or decrypt data (shared secret)
Asymmetric - A peer uses one key to encrypt and another key to decrypt (public / private)
Symmetric encryption algorithms or ciphers
DES - Created by IBM - 56-bit
3DES - Uses 3 DES keys - 68-bit
AES - 256-bit
Asymmetric algorithms or ciphers
RSA - 1024-bit or larger
DH - 536-bit or larger
Authentication: Verifying Identities
Two methods:
Pre-shared keys (for smaller deployments)
Public Key Infrastructure (PKI - Larger deployments)
Hashing: Protecting against change (Data Integrity)
Hashing algorithms
MD5 - 128-bit hash
SHA - 160-bit hash
Are you sure there is no fix? I have heard AWS applied a fix for this. Not sure.
The fix is to move from SSL protocols to TLS 1.1+. In the internet world, the SSL protocol is no longer considered safe and is marked as vulnerable. In addition, a few ciphers like RC4 were also considered vulnerable and have been replaced with more secure ciphers.