Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Triple Handshake Cookie Cutter InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Triple Handshake Cookie Cutter

Published: 2014-03-04
Last Updated: 2014-03-04 20:42:44 UTC
by Daniel Wesemann (Version: 1)
2 comment(s)

Researches have released a paper describing several vulnerabilities in TLS (Transport Layer Security). Some of the attacks have been known for a while, but the paper combines and explains them nicely, and also adds a couple of really clever new ideas. The tricks rely on cutting sessions off and re-starting them in a way that client and server end up with a different (security) state. The full research is available here https://secure-resumption.com/. The good news is that (a) the main impact is apparently limited to connections that use client-side certificates, which is rare, and (b) the researchers have informed the browser vendors early on, and some browsers and TLS libraries are already patched.

Keywords: Renegotiation TLS
2 comment(s)
Diary Archives