New Security Approaches for SSL/TLS Attacks Resistance in Practice

New Countermeasures against SSL/TLS Attacks

  • Phuc, Tran Song Dat (Department of Computer Science and Engineering, Seoul National University of Science and Technology)
  • Lee, Changhoon (Department of Computer Science and Engineering, Seoul National University of Science and Technology)
  • Received : 2017.05.08
  • Accepted : 2017.05.19
  • Published : 2017.05.31

Abstract

Juliano Rizzo and Thai Duong, the authors of the BEAST attack [11, 12] on SSL, have proposed a new attack named CRIME [13] (Compression Ratio Info-leak Made Easy). CRIME exploits how data compression and encryption interact to discover secret information about the underlying encrypted data. Repeating this method allows an attacker to eventually decrypt the data and recover HTTP session cookies. This security weakness targets SPDY and SSL/TLS compression. The attack is effective because the attacker is able to choose different input data and observe the length of the encrypted data that comes out. Transport Layer Security (TLS) ensures the integrity of data transmitted between two parties (server and client) and provides strong authentication for both parties; in the last few years, a wide range of attacks on SSL/TLS have exploited various features of the TLS mechanism. In this paper, we discuss CRIME and other SSL/TLS attacks along with their countermeasures and implementations. We also present a direction for SSL/TLS attack resistance in practice.

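Juliano Rizzo and Thai Duong, who presented BEAST, an attack technique that exploits a vulnerability in SSL, have presented a new attack technique called CRIME (Compression Ratio Info-leak Made Easy). The CRIME attack exploits a weakness in the way data is compressed and encrypted in order to find secret information about the encrypted data. By repeating this attack, an attacker can decrypt the data and recover the cookie data of an HTTP session. Using this security weakness, which targets the compression functions of SPDY and SSL/TLS, the attacker can choose input data of various lengths and thereby observe the length of the encrypted data. The TLS protocol guarantees the integrity of data communication between two parties (server and client) and provides a means of authentication for both, and in recent years various attacks exploiting certain properties of the TLS mechanism have been carried out and studied. This paper discusses CRIME and various attack techniques against SSL/TLS together with countermeasures and implementation approaches, and presents a direction for countering SSL/TLS attacks from a practical point of view.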
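The length signal described in the abstract, and the reason turning off TLS/SPDY compression removes it, can be measured directly. This is an added illustration, not code from the paper; the cookie value, request layout and the fixed 16-byte record overhead are constructed assumptions.

```python
import zlib

TAG_LEN = 16  # assumed constant per-record overhead (e.g. an authentication tag)

# Constructed sample data, not taken from the paper.
SECRET_HEADER = b"Cookie: session=7f3a9c41d2e8b605\r\n"


def record_length(injected: bytes, compress: bool) -> int:
    """Length an on-path observer sees for one record.

    The record carries attacker-influenced bytes and the secret header in the
    same plaintext. Encryption is modelled as length-preserving plus a fixed
    tag, because the ciphertext length is all the observer learns.
    """
    plaintext = b"GET /" + injected + b" HTTP/1.1\r\n" + SECRET_HEADER
    body = zlib.compress(plaintext, 9) if compress else plaintext
    return len(body) + TAG_LEN


def length_gap(compress: bool) -> int:
    """Length difference between a non-matching and a matching injected input."""
    matching = b"Cookie: session=7f3a9c41d2e8b605"
    unrelated = b"Cookie: session=QWJXKZVMPLHGTYRU"  # same length, different value
    assert len(matching) == len(unrelated)
    return record_length(unrelated, compress) - record_length(matching, compress)


if __name__ == "__main__":
    # With compression the matching input collapses into a back-reference,
    # so the record is shorter; without compression both records are equal.
    print("compression on :", length_gap(True), "bytes of signal")
    print("compression off:", length_gap(False), "bytes of signal")
```

A deployment check follows from this: if secrets and attacker-influenced data share a compression context, record lengths depend on the secret; with compression disabled at the TLS/SPDY layer the gap is zero.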

References

  1. AlFardan, N. and Paterson, K., "Lucky Thirteen: Breaking the TLS and DTLS Record Protocols," IEEE Symposium on Security and Privacy, http://www.ieee-security.org/TC/SP2013/papers/4977a526.pdf, 2013.
  2. AlFardan, N., Bernstein, D., Paterson, K., Poettering, B., and Schuldt, J., "On the Security of RC4 in TLS and WPA," http://www.isg.rhul.ac.uk/tls/RC4biases.pdf, 2013.
  3. Bellare, M. and Rogaway, P., "Entity authentication and key distribution," pp. 232-249, 1994.
  4. Dierks, T. and Allen, C., "The TLS Protocol Version 1.0," RFC 2246, Internet Engineering Task Force, 1999. Available at: http://www.ietf.org/rfc/rfc2246.txt.
  5. Hwang, S. J. and Lee, C. H., "Padding Oracle Attack on Block Cipher with CBC CBC-Double Mode of Operation using the BOZ-PAD," The Journal of Society for e-Business Studies, Vol. 20, No. 1, pp. 89-97, 2015. https://doi.org/10.7838/jsebs.2015.20.1.089
  6. Jin, C. Y., Kim, A. C., and Lim, J. I., "Correlation Analysis in Information Security Checklist Based on Knowledge Network," The Journal of Society for e-Business Studies, Vol. 19, No. 2, pp. 89-97, 2014.
  7. Mavrogiannopoulos, N., Vercauteren, F., Velichkov, V., and Preneel, B., "A cross-protocol attack on the TLS protocol," Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 62-72, http://doi.acm.org/10.1145/2382196.2382206, 2012.
  8. Popov, A., "Prohibiting RC4 Cipher Suites," Work in Progress, draft-ietf-tls-prohibiting-rc4-01, 2014.
  9. Prado, A., Harris, N., and Gluck, Y., "The BREACH Attack," http://breachattack.com, 2013.
  10. Rescorla, E., "SSL and TLS: Designing and Building Secure Systems," Addison-Wesley, 2001.
  11. Rizzo, J. and Duong, T., "Browser Exploit Against SSL/TLS," http://packetstormsecurity.com/files/105499/Browser-Exploit-Against-SSL-TLS.html, 2011.
  12. Rizzo, J. and Duong, T., "Here Come The Ninjas," Ekoparty Security Conference, 2012.
  13. Rizzo, J. and Duong, T., "The CRIME Attack," Ekoparty Security Conference, 2012.
  14. Rosenfeld, M., "Internet Explorer SSL Vulnerability," 2008. Available at: http://www.thoughtcrime.org/ie-ssl-chain.txt.
  15. Seok, O. N., Han, Y. S., Eom, C. W., Oh, K. S., and Lee, B. K., "Developing the Assessment Method for Information Security Levels," The Journal of Society for e-Business Studies, Vol. 16, No. 2, pp. 159-169, 2011. https://doi.org/10.7838/JSEBS.2011.16.2.159