
Warning: 64-bit ciphers not as secure as originally believed


August 29, 2016

University researchers with France's INRIA organization are warning that the 64-bit block ciphers still present in TLS configurations and OpenVPN are not as secure as most people think.

INRIA researchers Karthikeyan Bhargavan and Gaëtan Leurent have demonstrated that a man-in-the-middle observing a long-lived encrypted session can gather enough data for a “birthday attack” on Blowfish and triple DES encryption. They dubbed the attack “Sweet32”.

The trick to Sweet32 is that, with a large enough traffic sample, any repeated ciphertext block gives the attacker a foothold towards breaking the encryption, and such collisions are manageably common with a 64-bit block cipher like Blowfish or Triple DES.

They call it a “birthday attack” because it works on a similar principle to what's known as the “birthday paradox” – the counter-intuitive statistic that with 23 random people in a room, there's a 50 percent chance that two of them will share the same birthday.

In the case of Sweet32 (the 32 being half of the 64 bits in a block), the “magic number” is pretty big: the authors write that 785 GB of captured traffic will, under the right conditions, yield up the encrypted HTTP cookie and let them decrypt Blowfish- or Triple-DES-encrypted traffic.
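To make the birthday-paradox numbers above concrete, here is an added Python example (not code from the article or from the INRIA researchers) that computes the standard birthday bound for a block cipher: the probability that at least two of n random b-bit ciphertext blocks coincide, the number of blocks at which that probability reaches 50 percent, and the ciphertext volume those blocks occupy. It compares a 64-bit block (Blowfish, Triple DES) with a 128-bit block and checks the article's 2^36.6-block figure, which is larger than the plain first-collision bound because the full attack needs more than one collision. The formulas are the textbook approximation, not anything specific to the paper.

```python
import math


def collision_probability(n_blocks: int, block_bits: int) -> float:
    """Probability that at least two of n_blocks uniformly random
    block_bits-bit ciphertext blocks coincide.

    Standard birthday-bound approximation 1 - exp(-n(n-1) / 2N),
    with N = 2**block_bits possible block values.
    """
    space = 2.0 ** block_bits
    return 1.0 - math.exp(-(n_blocks * (n_blocks - 1)) / (2.0 * space))


def blocks_for_probability(p: float, block_bits: int) -> float:
    """Blocks needed before the collision probability reaches p
    (inverse of collision_probability, dropping the -n term)."""
    space = 2.0 ** block_bits
    return math.sqrt(2.0 * space * math.log(1.0 / (1.0 - p)))


def gibibytes(n_blocks: float, block_bits: int) -> float:
    """Ciphertext volume, in GiB, occupied by n_blocks blocks of block_bits bits."""
    return n_blocks * block_bits / 8 / 2 ** 30


def birthday_summary(block_bits: int, p: float = 0.5) -> dict:
    """Blocks and traffic volume at which a block collision has probability p."""
    n = blocks_for_probability(p, block_bits)
    return {
        "block_bits": block_bits,
        "p": p,
        "blocks": n,
        "log2_blocks": math.log2(n),
        "gib": gibibytes(n, block_bits),
    }


if __name__ == "__main__":
    # 64-bit blocks: ~2^32 blocks, i.e. tens of GiB of traffic on one session.
    # 128-bit blocks (AES): ~2^64 blocks, far beyond any captured session.
    for bits in (64, 128):
        s = birthday_summary(bits)
        print(f"{bits}-bit blocks: 50% collision chance after 2^{s['log2_blocks']:.1f} "
              f"blocks = {s['gib']:.3g} GiB of ciphertext")
    # The article's figure for the full cookie-recovery attack: 2^36.6 blocks.
    print(f"2^36.6 64-bit blocks = {gibibytes(2 ** 36.6, 64):.0f} GiB "
          f"(article: 785 GB)")
```

The first collision is expected after roughly 2^32 blocks (32 GiB) on a 64-bit cipher; the researchers' 2^36.6 blocks is the budget for recovering a two-block cookie, which needs a collision involving the secret block rather than any collision at all.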

To launch the attack, you need to:

  • Get a victim to visit a malicious site (we'll call it Site A), one that they have to log into. The victim's login sets an HTTP cookie the browser uses for future requests;
  • Pass the victim on to Site B, which generates millions of JavaScript requests to Site A, using the login cookie given to the victim;
  • Keep the connection alive long enough to store 785 GB of encrypted data blocks, and look for a collision to happen;
  • Finally, decrypt the login cookie.

But make no mistake: decryption is still the most difficult task to achieve. The researchers note that it's far from an instant process:

    On Firefox Developer Edition 47.0a2, with a few dozen workers running in parallel, we can send up to 2,000 requests per second in a single TLS connection.

    In our experiment, we were lucky enough to detect the first collision after only 25 minutes (2^20.1 requests), and we verified that the collision revealed the plaintext we were after.

    The full attack should require 2^36.6 blocks (785 GB) to recover a two-block cookie, which should take about 38 hours in our setting.

    Experimentally, we have recovered a two-block cookie from an HTTPS trace of only 610 GB, captured in 30.5 hours.

But as the researchers note, long-lived encrypted connections do exist in at least one real-world setting, VPN sessions, and that is the scenario to keep in mind when reading these experiments.

“Our various attacks impact a majority of OpenVPN connections and an estimated 0.6 percent of HTTPS connections to popular websites. We expect that our attacks also impact a number of SSH and IPsec connections, but we do not have concrete measurements for these protocols,” added Karthikeyan Bhargavan.

For users, that means switching from 64-bit block ciphers to 128-bit block ciphers. Or, if you can't get the server to switch, set up your client to force frequent re-keying as an alternative.
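The two mitigations above, moving off 64-bit block ciphers and forcing frequent re-keying, can be checked mechanically. What follows is an added example, not code from the article or from the OpenVPN project: a small Python audit that scans an OpenVPN client configuration for `cipher`, `data-ciphers` and `tls-cipher` lines that select a 64-bit block cipher (DES/3DES, Blowfish, IDEA, CAST5, RC2), and for a `reneg-sec` value that disables or unduly delays renegotiation. The two configurations, the re-keying threshold (`MAX_RENEG_SEC`) and the cipher-name token list are constructed for the example; `reneg-sec` is OpenVPN's renegotiation-interval option, and the weak file beside its corrected form shows what the audit is meant to catch.

```python
import re

# Tokens by which 64-bit block ciphers appear in OpenSSL, IANA and OpenVPN
# cipher identifiers. "CBC3" and "EDE3" cover OpenSSL's spellings of triple DES.
WEAK_TOKENS = {"DES", "3DES", "CBC3", "EDE3", "BF", "BLOWFISH", "IDEA", "CAST5", "RC2"}

# Assumed policy for this example: when a 64-bit cipher cannot be removed,
# require re-keying at least this often (seconds). reneg-sec 0 disables it.
MAX_RENEG_SEC = 3600


def is_64bit_block_cipher(name: str) -> bool:
    """True if a cipher or cipher-suite name references a 64-bit block cipher."""
    tokens = set(re.split(r"[-_]", name.strip().upper()))
    return bool(tokens & WEAK_TOKENS)


def weak_entries(cipher_list: str) -> list:
    """Entries of a colon-separated cipher list that select a 64-bit block cipher.
    Entries negated with '!' are exclusions and are ignored."""
    return [e for e in cipher_list.split(":")
            if e and not e.startswith("!") and is_64bit_block_cipher(e)]


def audit_openvpn_config(text: str) -> list:
    """Return (line number, finding) pairs for Sweet32-relevant settings."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        parts = line.split()
        key, args = parts[0].lower(), parts[1:]
        if key in ("cipher", "data-ciphers"):
            for w in weak_entries(":".join(args)):
                findings.append((lineno, f"{key} selects 64-bit block cipher {w}"))
        elif key == "tls-cipher":
            for w in weak_entries(":".join(args)):
                findings.append((lineno, f"tls-cipher allows 64-bit block suite {w}"))
        elif key == "reneg-sec" and args:
            secs = int(args[0])
            if secs == 0 or secs > MAX_RENEG_SEC:
                findings.append((lineno, f"reneg-sec {secs}: re-keying disabled or too infrequent"))
    return findings


# Constructed sample configs for the example; not real deployments.
WEAK_CONFIG = """\
# weak: Blowfish data channel, a 3DES TLS suite, renegotiation switched off
client
dev tun
remote vpn.example.test 1194
cipher BF-CBC
tls-cipher TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA:TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
reneg-sec 0
"""

FIXED_CONFIG = """\
# corrected: 128-bit block cipher everywhere, hourly re-keying
client
dev tun
remote vpn.example.test 1194
cipher AES-256-GCM
tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
reneg-sec 3600
"""

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("fixed", FIXED_CONFIG)):
        findings = audit_openvpn_config(cfg)
        print(f"{label}: {len(findings)} finding(s)")
        for lineno, msg in findings:
            print(f"  line {lineno}: {msg}")
```

The same token test works on an OpenSSL cipher string from a web server (for example an nginx `ssl_ciphers` value), since the check is on the cipher names themselves rather than on OpenVPN syntax.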

Browser makers, TLS library authors and the OpenVPN project have all been notified and are working on patches to secure their systems.

Source: The French National Institute for Computer Science.
