More than 11 million HTTPS websites at risk from DROWN attack
Security researchers have discovered a vulnerability that makes it possible to decrypt TLS-protected connections within hours by way of the outdated SSLv2 protocol. Websites and mail servers, among others, are affected.
The DROWN attack, tracked as CVE-2016-0800, takes its name from Decrypting RSA using Obsolete and Weakened eNcryption. It works by repeatedly setting up connections to a server using SSLv2. Each connection leaks a small piece of information about the encryption key, and eventually an intercepted TLS connection can be decrypted. A server is vulnerable if it supports both TLS and SSLv2, or if the same private key is used on an SSLv2 server and a TLS server. According to the researchers, one of these configurations occurs on 33 percent of all HTTPS servers on the internet.
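The two conditions above can be checked against an inventory of your own services. The sketch below is an added example, not code from the researchers or their online tool; the hostnames, the `key_fp` field and the inventory layout are constructed assumptions, standing in for the merged output of a protocol scan and a certificate export.

```python
from collections import defaultdict

# Constructed inventory. Fingerprints are placeholders, not real key hashes.
ENDPOINTS = [
    {"host": "www.example.test",  "port": 443, "protocols": {"TLSv1.2"},          "key_fp": "KEY-A"},
    {"host": "mail.example.test", "port": 25,  "protocols": {"SSLv2", "TLSv1.0"}, "key_fp": "KEY-A"},
    {"host": "shop.example.test", "port": 443, "protocols": {"SSLv2", "TLSv1.2"}, "key_fp": "KEY-B"},
    {"host": "api.example.test",  "port": 443, "protocols": {"TLSv1.2"},          "key_fp": "KEY-C"},
]

def drown_exposure(endpoints):
    """Return {(host, port): finding} for endpoints meeting either condition:
    the endpoint itself offers SSLv2, or its private key is also served by
    another endpoint that offers SSLv2."""
    # Index which endpoints offer SSLv2 for each private key.
    sslv2_by_key = defaultdict(list)
    for ep in endpoints:
        if "SSLv2" in ep["protocols"]:
            sslv2_by_key[ep["key_fp"]].append((ep["host"], ep["port"]))

    findings = {}
    for ep in endpoints:
        me = (ep["host"], ep["port"])
        if "SSLv2" in ep["protocols"]:
            findings[me] = {"reason": "supports-sslv2", "via": [me]}
        elif sslv2_by_key.get(ep["key_fp"]):
            # TLS-only service, but the same key is reachable over SSLv2 elsewhere.
            findings[me] = {"reason": "shared-key", "via": sslv2_by_key[ep["key_fp"]]}
    return findings

def keys_to_fix(endpoints):
    """Keys served by at least one SSLv2 endpoint; disabling SSLv2 on those
    endpoints removes the exposure for every service sharing the key."""
    return sorted({ep["key_fp"] for ep in endpoints if "SSLv2" in ep["protocols"]})

if __name__ == "__main__":
    for target, finding in sorted(drown_exposure(ENDPOINTS).items()):
        print(target, finding["reason"], "via", finding["via"])
```

Note that the TLS-only web server is flagged only because the mail server reuses its key, which is why a scan of the web server alone would miss it.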
Normally SSLv2 is disabled because it is an old version of the SSL protocol. However, many servers appear to still support it, for example because of a misconfiguration. In OpenSSL, for instance, support for SSLv2 is disabled by default, but some administrators override that setting, Ars Technica reports. In addition, two vulnerabilities in OpenSSL, CVE-2015-3197 and CVE-2016-0703, make the attack significantly easier and faster. It is therefore recommended that you install the updates that were released on Tuesday. According to the researchers, there are no indications that the vulnerability is being actively exploited.
According to Ars Technica, the attack is not easy to execute, because it assumes that the attacker can monitor the traffic between a victim and the server. However, once the necessary information is in the hands of the attacker, they can decrypt the connection with little effort. The researchers used the Amazon EC2 service for a few hours for 440 dollars, which is about 405 euros.
The researchers have made an online tool available to check whether a server is actually susceptible to the attack. It is not the first time that the security of SSL has been compromised: in May 2015 the so-called Logjam attack was announced.
Schematic representation of a DROWN attack