Transaction Confidentiality Based on SSL is Dead! – ActivIdentity Blog

If SSL, the foundation of internet security, is crumbling, hold on: we are in for a bumpy ride! If the alleged hack on SSL (specifically TLS 1.0) presented by Thai Duong and Juliano Rizzo at the Ekoparty Security conference is true, then we have to mark today as a black day for the internet.

What could possibly happen is the equivalent of most men wearing kilts and most women skirts, and then realizing that all the staircases leading to the important places you need to go to are made of glass. Or, to put it another way, x-ray vision glasses are suddenly available to anyone from Oakley.

This scenario has a profound impact, and that is before we even start to worry about the impact on privacy and the exposure of our private bits. What is fundamentally profound here is that anyone can now read your passwords and steal your browser session, because the technology that was supposed to protect your password from spying eyes is broken, allowing a hacker with x-ray vision, using the BEAST tool, to see all your traffic in the clear.

To spell it out: transaction confidentiality based on the SSL/TLS V1.0 protocol (still the most widely used today) is dead!

So what do we have left now to protect our transactions?

To start with, authentication should use an ever-changing, one-time password, so that even if the attacker sees your password, it is different next time and hence cannot be guessed for the next authentication. This can be achieved by many techniques, using either OTP technology or PKI with a challenge-response.

But this alone does not help to the level that is needed, since the attacker can still simply read and hijack your session.

So the only true defense from fraudulent transactions is to sign the transaction or part of the transaction data so that the attacker cannot inject bogus material.

In practice this means using a token with a PIN pad (software on a phone or a dedicated hardware token) to enter the transaction details, or signing the transaction with a PKI certificate. The result is a cryptographic signature that is intrinsically linked to the transaction data (for example the amount and target account number of a bank transfer), is independent of the transport security, and cannot be forged by the spying attacker.
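To make the transaction-signing idea concrete, here is an added example (not code from ActivIdentity or from the original post) of a signature bound to the amount and target account, with a counter against replay. The HMAC-SHA256 shared-secret scheme, the field layout, the token secret and the account numbers are all constructed assumptions; a real token would typically present a short truncated code for the user to type rather than the full digest. The point it shows is that verification succeeds regardless of what the transport did, and fails as soon as an attacker who can read the session rewrites the data.

```python
import hashlib
import hmac
import json

# Constructed example secret, as provisioned to a user's signing token (phone app
# or hardware token) and stored server-side. Not a real key.
TOKEN_SECRET = b"example-token-secret-not-for-production"


def canonical_transaction(amount: str, target_account: str, counter: int) -> bytes:
    """Serialize exactly the fields the user sees and approves, in a fixed order,
    so that the token and the server compute the signature over the same bytes."""
    fields = {"amount": amount, "target_account": target_account, "counter": counter}
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def sign_transaction(secret: bytes, amount: str, target_account: str, counter: int) -> str:
    """Token side: HMAC-SHA256 over the transaction data. The counter (a timestamp
    would also do) stops a captured signature being replayed for a later transfer."""
    msg = canonical_transaction(amount, target_account, counter)
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def verify_transaction(secret: bytes, amount: str, target_account: str,
                       counter: int, signature: str, last_counter: int) -> bool:
    """Server side: recompute over the fields actually submitted. Any change made in
    transit (a rewritten target account, a larger amount) yields a different MAC,
    and a counter at or below the last accepted one is treated as a replay."""
    if counter <= last_counter:
        return False
    expected = sign_transaction(secret, amount, target_account, counter)
    return hmac.compare_digest(expected, signature)


def demo() -> dict:
    """The genuine transfer verifies; the same signature over altered data, or reused later, does not."""
    sig = sign_transaction(TOKEN_SECRET, "100.00", "DE00-EXAMPLE-1234", counter=7)
    return {
        "genuine": verify_transaction(TOKEN_SECRET, "100.00", "DE00-EXAMPLE-1234", 7, sig, 6),
        "tampered_account": verify_transaction(TOKEN_SECRET, "100.00", "DE00-ATTACKER-9999", 7, sig, 6),
        "tampered_amount": verify_transaction(TOKEN_SECRET, "9999.00", "DE00-EXAMPLE-1234", 7, sig, 6),
        "replayed": verify_transaction(TOKEN_SECRET, "100.00", "DE00-EXAMPLE-1234", 7, sig, 7),
    }


if __name__ == "__main__":
    print(demo())
```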

This is the only way to stay secure until the infrastructure has been upgraded from TLS V1.0.
