When BEAST attacks

BEAST (Browser Exploit Against SSL/TLS) was recently unveiled by a pair of researchers at a convention in Buenos Aires.

http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/

It’s a JavaScript-based attack on what was previously a theoretical weakness in TLS 1.0 (Transport Layer Security). It breaks the encryption on session cookies, and can therefore lead to an attacker gaining access to their victim’s account. The example used was PayPal, but it would probably be effective against many banking sites and other sites that handle sensitive information.

Newer versions of TLS (1.1, 1.2) are not susceptible to the attack, but those versions are not yet implemented in Firefox, Chrome, or Safari browsers.  Because of the way this protocol works, a web server set to use a higher version will not work with a browser on a lower version, so to maximize compatibility, most sites are still on TLS 1.0.  So even though the weakness has been remedied, the vast majority of sites and browsers are vulnerable to this.

I don’t have all of the details around the attack, but it would seem that this could be combined with Cross-site scripting (XSS) in a phishing scheme.
