
A History of SSL Security

1994: CBC weaknesses demonstrated at the 14th Annual International Cryptology Conference (CRYPTO '94) by Phillip Rogaway and team.

1995: Netscape releases first web browser with support for SSLv2.0.

1996: SSLv3.0 released, meant to replace SSLv2.0.

1999: TLSv1.0 released, as an upgrade over SSLv3.0.

2000: "The Security of the Cipher Block Chaining Message Authentication Code" published by Phillip Rogaway, based on the research presented by his team at CRYPTO '94.

2006: TLSv1.1 released, including protections against CBC-based attacks which SSLv2 and SSLv3 had already been shown to be vulnerable to.

2008: TLSv1.2 released, removing support for downgrading existing connections to SSLv3.0.

2011: BEAST - CVE-2011-3389 - Browser Exploit Against SSL/TLS
This exploit allows an attacker to retrieve sensitive data about the user's connection, such as their cookie or other authentication token that may be transmitted in an HTTPS request. In order to exploit this vulnerability, the attacker has to be able to inject JavaScript or some applet into the same origin as the website to be targeted, must be able to sniff/intercept the user's communication with the server, and the SSL cipher being used for the communication must be a block cipher.
Reference: http://www.hit.bme.hu/~buttyan/courses/EIT-SEC/abib/04-TLS/BEAST.pdf

2012: CRIME - CVE-2012-4929 - Compression Ratio Info-leak Made Easy
Compressing data before encrypting it is a common programming mistake, and in this case it allows an attacker to leak details about the communication, such as the user's cookie, which would then allow the attacker to impersonate that user. In this situation, the attacker must be able to modify some part of the user's request to the webserver in order to include custom data, which the attacker will modify request after request, checking the length of the returned response to determine how the message was compressed, and in the process, leak details about the contents of the request. Most major browsers have removed support for SSL and SPDY compression, which has effectively mitigated this; however, many organizations still keep older versions of IE around for compatibility reasons.
Reference: http://www.ekoparty.org/archive/2012/CRIME_ekoparty2012.pdf

LUCKY13 - CVE-2013-0169 - Lucky Thirteen
Lucky13 is an attack which affects both SSL3.0 and TLS1.0. It is a padding oracle attack against CBC ciphers. This man-in-the-middle attack is considered to be more efficient than either BEAST or CRIME; however, it still must make many failed connections to the target webserver in order to perform statistical analysis on the responses. This can be detected and blocked server-side.
Reference: http://www.isg.rhul.ac.uk/tls/Lucky13.html

2013: BREACH - CVE-2013-3587 - Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext
BREACH is very similar to CRIME, in that it deals with compression and encryption; however, instead of attacking SSL-level compression, BREACH attacks HTTP-level compression. This attack requires that the web application reflect some piece of user-controlled data in the response, and that a token such as a CSRF token also be present in the HTTP response body. It is estimated that this attack can be completed in under a minute, but that depends on the size of the secret to be guessed.
Reference: http://breachattack.com/resources/BREACH - SSL, gone in 30 seconds.pdf

2014: POODLE - CVE-2014-3566 - Padding Oracle On Downgraded Legacy Encryption
POODLE is another padding oracle attack against SSLv3 when CBC ciphers are in use. This attack also requires the attacker to be man-in-the-middle on the user's session to the webserver so that they can intercept and modify the client's requests. This attack requires that the attacker make at most 256 requests per character of secret to be leaked.
Reference: https://www.openssl.org/~bodo/ssl-poodle.pdf
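
A defender's check built from the preconditions listed above, added here as an example that is not part of the original infographic: it audits a Python ssl.SSLContext for the three TLS-level settings these attacks depend on (protocol floor, TLS compression, CBC suites). The function names and both sample contexts are constructed for illustration; BREACH is not covered because HTTP-level compression is set outside the TLS configuration.

```python
import ssl


def audit_context(ctx):
    """Return findings for TLS settings the attacks in the timeline rely on."""
    findings = []
    # POODLE needs SSLv3, and BEAST/Lucky13 are described against SSL3.0/TLS1.0,
    # so any protocol floor below TLS 1.2 is reported.
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol floor below TLSv1.2")
    # CRIME depends on TLS-level compression being available.
    if not ctx.options & ssl.OP_NO_COMPRESSION:
        findings.append("TLS compression not disabled")
    # BEAST, Lucky13 and POODLE all require a CBC-mode block cipher.
    cbc = sorted(c["name"] for c in ctx.get_ciphers()
                 if c.get("symmetric", "").endswith("-cbc"))
    if cbc:
        findings.append("CBC suites enabled: " + ", ".join(cbc))
    return findings


def hardened_context():
    """Corrected configuration: TLS 1.2+, no compression, AEAD suites only."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.options |= ssl.OP_NO_COMPRESSION
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    return ctx


def legacy_context():
    """Constructed 'before' configuration, used only for comparison."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    ctx.options &= ~ssl.OP_NO_COMPRESSION
    ctx.set_ciphers("ECDHE+AES")  # selects CBC suites alongside GCM ones
    return ctx


if __name__ == "__main__":
    for label, ctx in (("legacy", legacy_context()),
                       ("hardened", hardened_context())):
        print(label, audit_context(ctx) or "no findings")
```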