Executive SummaryTLS or Transport Layer Security as well as its predecessor known as SSL or Secure SocketsLayer are secure protocols that are designed for providing encryption over wireless networks.HTTPs is the default standard network protocol of HTTP that is used in combination with aTLS or SSL channel. Now, CVE-2014-3566 or more commonly known as the POODLE is aweakness in version 3 of the SSL protocol. This vulnerability allows an attacker to recoversmall bits of information in plaintext, although from an encrypted SSL 3 connection byissuing various crafted HTTPS requests. The attacker can issues multiple HTTPS requestsand get plaintext byte and therefore allows him to gues a particular byte. In order to mitigatethis vulnerability, lots of companies have jumped over the TLS protocol.Technical DescriptionVulnerability DescriptionA vulnerability discovered in the third version of Secure Socket Layer allows for attacker toguess the plaintext in secure encrypted connections, effectively defeating the sole purpose ofSSL. The SSL security SSL and TLS are communication protocol that protect the integrityand confidential of communications by encrypting the messages end to end. However, thevulnerability here kon as POODLE or Padding Oracle on Downgraded Legacy Encryptionhave been discovered. Malicious agents are likely going to make this vulnerability into a full-fledged attack. This vulnerability can be executed via the man-in-the-middle type of attackswhere an attacker would force the downgrade of an encryption protocol to the version 3 ofSSL and thereafter targeting the system which is decrypting the data. In the process, theattacker would also be observing the exchange and also applying for a paddle based attack inorder to recover the plain type text . Attack VectorThe main attack vector here is in the form of a man-in-middle type of attack. In this case, theattacker assumes the role of the middle man and makes use of multiple types of man-in-themiddle techniques for the attack. The handshake here begins when the client’s device sends ahello message to the server to which it responds with another help message. Once both sidehas completed the handshake, the encrypted data would begin transferring. This is exactlywhen the page starts to be displayed on the screen. The encrypted data being exchangedbetween the client and server is the main data that is crucial for the attack to happen. Theattacker performs a man in the middle attack in order to send a request to the server and
Found this document preview useful?
SSL/TLS VPN Technologies for Secure Network Connectionlg...
TLS/SSL Handshake with RSA and DHE - Deskliblg...
Questions & Answers on Symmetric Block Cipher and Encryption Processlg...
SSL Handshake: A Process for Secure Communication between Client and Serverlg...
Research Paper: Heartbleed Vulnerabilitylg...
CSI2102 - Introduction to Information Securitylg...