
1998 attack that messes with sites’ secret crypto keys is back in a big way

Status
Not open for further replies.
Joined
Aug 22, 2010
Messages
206 (0.08/day)
Likes
93
Location
Germany
#1
A surprisingly big number of top-name websites—Facebook and PayPal among them—recently tested positive for a critical, 19-year-old vulnerability that allowed attackers to decrypt encrypted data and sign communications using the sites' secret encryption key.

The vulnerability in the transport layer security protocol for Web encryption was disclosed in 1998 when researcher Daniel Bleichenbacher found it in the TLS predecessor known as secure sockets layer. A flaw in the algorithm that handles RSA encryption keys responded to certain types of errors in a way that divulged potentially sensitive information. With enough specially formed queries, attackers could exploit the weakness in a way that allowed them to decrypt ciphertext even when they didn't have the secret decryption key. SSL architects responded by designing workarounds that suppressed the error messages rather than removing or rewriting the faulty RSA algorithm.
Full story at Ars Technica
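Added example, not part of the thread or the Ars Technica article: a minimal Python model of the error behaviour the quoted paragraph describes, next to the error-suppressing workaround as TLS 1.2 specifies it (RFC 5246, section 7.4.7.1). The toy key, the `finished_tag` stand-in for the Finished MAC and the alert strings are assumptions made for the example.

```python
import hashlib, hmac, os

# Toy RSA key from two Mersenne primes: constructed for this demo, not a usable key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8                      # modulus length in bytes

def rsa_wrap(pms: bytes) -> bytes:
    """Client: PKCS#1 v1.5 block 00 02 || nonzero pad || 00 || pms, RSA-encrypted."""
    pad = bytes(b % 255 + 1 for b in os.urandom(K - 3 - len(pms)))
    em = b"\x00\x02" + pad + b"\x00" + pms
    return pow(int.from_bytes(em, "big"), E, N).to_bytes(K, "big")

def rsa_unwrap(ct: bytes):
    """Server: return the 48-byte premaster secret, or None on malformed padding."""
    em = pow(int.from_bytes(ct, "big"), D, N).to_bytes(K, "big")
    sep = em.find(b"\x00", 2)
    if em[:2] != b"\x00\x02" or sep < 10 or len(em) - sep - 1 != 48:
        return None
    return em[sep + 1:]

def finished_tag(pms: bytes) -> bytes:
    """Stand-in for the TLS Finished MAC (hypothetical simplification)."""
    return hmac.new(pms, b"handshake transcript", hashlib.sha256).digest()

def leaky_server(ct: bytes, tag: bytes) -> str:
    pms = rsa_unwrap(ct)
    if pms is None:
        return "alert: decrypt_error"              # padding failure is visible to the peer
    ok = hmac.compare_digest(tag, finished_tag(pms))
    return "ok" if ok else "alert: bad_record_mac"

def hardened_server(ct: bytes, tag: bytes) -> str:
    fallback = os.urandom(48)                      # drawn before decryption, every time
    pms = rsa_unwrap(ct)
    if pms is None:
        pms = fallback                             # carry on; the Finished check fails instead
    ok = hmac.compare_digest(tag, finished_tag(pms))
    return "ok" if ok else "alert: bad_record_mac"

def probe(server):
    """Responses to a well-padded and a malformed ciphertext, both with a junk tag."""
    well_padded = rsa_wrap(os.urandom(48))
    malformed = (1).to_bytes(K, "big")             # decrypts to 00..01: no 00 02 header
    return server(well_padded, b"\x00" * 32), server(malformed, b"\x00" * 32)
```

`probe(leaky_server)` returns two different alerts, which is the signal the padding check gives away; `probe(hardened_server)` returns the same alert twice. Matching the alert is only part of the workaround: the padding check and the fallback path also have to take the same time, which this sketch does not attempt.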
 
Joined
Oct 2, 2004
Messages
12,606 (2.59/day)
Likes
5,998
Location
Europe\Slovenia
#2
What's with surfacing of security flaws dating decades back? First Spectre/Meltdown and now this? WTF?
 
Joined
Jan 29, 2012
Messages
4,578 (2.10/day)
Likes
3,802
Location
Florida
#3
Everyone is like "Oh no, I'm going to lose some performance yet again"
 
Joined
Aug 20, 2007
Messages
7,820 (2.05/day)
Likes
6,887
#4
What's with surfacing of security flaws dating decades back? First Spectre/Meltdown and now this? WTF?
Spectre and Meltdown may be decades old, but they are relatively newly discovered. This has been KNOWN for 19 years, so no excuse.

That said, as bad as this is, someone still needs to tap your line and break the password hash between you and PayPal to actually hijack an account, so nothing much meaningful will probably happen from this. It still needs to be patched immediately.
 
Joined
Apr 1, 2008
Messages
2,846 (0.79/day)
Likes
631
#5
Spectre and Meltdown may be decades old, but they are relatively newly discovered. This has been KNOWN for 19 years, so no excuse.

That said, as bad as this is, someone still needs to tap your line and break the password hash between you and PayPal to actually hijack an account, so nothing much meaningful will probably happen from this. It still needs to be patched immediately.
But it hasn't been fixed for 19 years: instead, a workaround was implemented.

The vulnerability in the transport layer security protocol for Web encryption was disclosed in 1998 when researcher Daniel Bleichenbacher found it in the TLS predecessor known as secure sockets layer. A flaw in the algorithm that handles RSA encryption keys responded to certain types of errors in a way that divulged potentially sensitive information. With enough specially formed queries, attackers could exploit the weakness in a way that allowed them to decrypt ciphertext even when they didn't have the secret decryption key. SSL architects responded by designing workarounds that suppressed the error messages rather than removing or rewriting the faulty RSA algorithm.
Since the problem was never fixed, it was "just waiting" for another way to be taken advantage of, and that way was just found, it seems.
 
Joined
Mar 10, 2010
Messages
5,137 (1.79/day)
Likes
1,671
Location
Manchester uk
#6
But it hasn't been fixed for 19 years: instead, a workaround was implemented.



Since the problem was never fixed, it was "just waiting" for another way to be taken advantage of, and that way was just found, it seems.
And shows in crystal clarity just what can be done at times to fix issues and also just how fixed they are in reality.
 
Joined
Aug 20, 2007
Messages
7,820 (2.05/day)
Likes
6,887
#7
But it hasn't been fixed for 19 years: instead, a workaround was implemented.
A workaround that should be effective if actually implemented. My understanding is the above sites are simply configured badly.
 
Joined
Apr 1, 2008
Messages
2,846 (0.79/day)
Likes
631
#8
A workaround that should be effective if actually implemented. My understanding is the above sites are simply configured badly.
But, if it was indeed fixed, this could not have happened, no?

By leaving the issue unfixed, they exposed themselves to further problems, but the real problem is that it took 19 years for them to notice.
 
Joined
Aug 20, 2007
Messages
7,820 (2.05/day)
Likes
6,887
#9
But, if it was indeed fixed, this could not have happened, no?

By leaving the issue unfixed, they exposed themselves to further problems, but the real problem is that it took 19 years for them to notice.
My understanding is it was fixed by simply suppressing errors that could leak data in the default config. This does not prevent idiot admins from overriding the default config to expose those errors again.
 
Joined
Apr 1, 2008
Messages
2,846 (0.79/day)
Likes
631
#10
My understanding is it was fixed by simply suppressing errors that could leak data in the default config. This does not prevent idiot admins from overriding the default config to expose those errors again.
According to Ars Technica's article (see below), they specifically did not fix the problem and instead used workarounds to suppress the issue.

SSL architects responded by designing workarounds that suppressed the error messages rather than removing or rewriting the faulty RSA algorithm.
 

AsRock

TPU addict
Joined
Jun 23, 2007
Messages
15,378 (3.98/day)
Likes
4,789
Location
US
#11
What's with surfacing of security flaws dating decades back? First Spectre/Meltdown and now this? WTF?
Oh come on, one reason I stopped watching the TV, news channels make it look like a breakout of crap but in reality it's much more often than they make out.
 
Joined
Aug 20, 2007
Messages
7,820 (2.05/day)
Likes
6,887
#12
According to Ars Technica's article (see below), they specifically did not fix the problem and instead used workarounds to suppress the issue.
That is essentially what I just stated. Semantics perhaps, as it's still broken.
 
Joined
Apr 1, 2008
Messages
2,846 (0.79/day)
Likes
631
#13
That is essentially what I just stated. Semantics perhaps, as it's still broken.
A workaround is not a fix, as far as I'm concerned.

To give a somewhat crude analogy:

If a water heater suddenly starts not enabling more heat (more gas usage), you should not "fix it" by reducing the amount of water, thus heating the water more. Instead you should fix the heating problem. This kind of workaround seems to be the thing that happened with this exploit.
 