New Raccoon Attack Can Allow Decryption of TLS Connections
upstart writes in with an IRC submission:
Researchers from universities in Germany and Israel have disclosed the details of a new timing attack that could allow malicious actors to decrypt TLS-protected communications.
Named "Raccoon," the attack has been described as complex and the vulnerability is "very hard to exploit." While most users should probably not be concerned about Raccoon, several major software vendors have released patches and mitigations to protect customers.
Raccoon can allow a man-in-the-middle (MitM) attacker to crack encrypted communications that could contain sensitive information. However, the attack is only successful if the targeted server reuses public Diffie-Hellman (DH) keys in the TLS handshake (i.e. the server uses static or ephemeral cipher suites such as TLS-DH or TLS-DHE), and if the attacker can conduct precise timing measurements.
[...] "For a real attacker, this is a lot to ask for. However, in comparison to what an attacker would need to do to break modern cryptographic primitives like AES, the attack does not look complex anymore. But still, a real-world attacker will probably use other attack vectors that are simpler and more reliable than this attack," they explained.
The underlying vulnerability has existed for over 20 years, and it was fixed with the release of TLS 1.3.
[...] Additional details on the Raccoon attack are available on raccoon-attack.com. The researchers also plan on releasing a tool that can be used to check if a server is vulnerable. In the meantime, they recommend Qualys' SSL Server Test - a server could be affected if the result of "DH public server param (Ys) reuse" is "yes."
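The "DH public server param (Ys) reuse" condition the researchers point to can be checked offline with the following added example, which is not code from the article, the researchers, or Qualys: it parses the ServerDHParams structure of a TLS 1.2 ServerKeyExchange (RFC 5246 section 7.4.3) and flags when the server's dh_Ys value repeats across handshakes. The function names, the toy 61-bit group, and the simulated handshakes are my own assumptions, constructed so the script runs without network access.

```python
import secrets
import struct

# RFC 5246 s7.4.3: ServerDHParams = dh_p, dh_g, dh_Ys, each an opaque<1..2^16-1>
# (a 2-byte big-endian length prefix followed by the big-endian integer).

def encode_server_dh_params(p: int, g: int, ys: int) -> bytes:
    """Build the ServerDHParams bytes a DHE server sends (used for constructed samples)."""
    out = b""
    for v in (p, g, ys):
        raw = v.to_bytes((v.bit_length() + 7) // 8, "big")
        out += struct.pack(">H", len(raw)) + raw
    return out

def parse_server_dh_params(body: bytes) -> tuple:
    """Parse ServerDHParams from a ServerKeyExchange body; raises ValueError on truncation."""
    fields, off = [], 0
    for name in ("dh_p", "dh_g", "dh_Ys"):
        if off + 2 > len(body):
            raise ValueError(f"truncated before {name} length")
        (n,) = struct.unpack_from(">H", body, off)
        off += 2
        if n == 0 or off + n > len(body):
            raise ValueError(f"bad {name} length {n}")
        fields.append(int.from_bytes(body[off:off + n], "big"))
        off += n
    return tuple(fields)

def detect_ys_reuse(bodies) -> bool:
    """True if any two handshakes carry the same dh_Ys, i.e. the server reuses its DH public value."""
    seen = set()
    for body in bodies:
        _, _, ys = parse_server_dh_params(body)
        if ys in seen:
            return True
        seen.add(ys)
    return False

# Constructed toy group (2^61 - 1, a Mersenne prime, generator 2); real servers use 2048-bit groups.
P, G = 2305843009213693951, 2

def constructed_handshakes(reuse: bool, count: int = 3) -> list:
    """Simulate `count` ServerKeyExchange bodies; reuse=True keeps the same private exponent x."""
    x = secrets.randbelow(P - 2) + 1
    bodies = []
    for _ in range(count):
        if not reuse:
            x = secrets.randbelow(P - 2) + 1  # fresh exponent per handshake, as a patched server does
        bodies.append(encode_server_dh_params(P, G, pow(G, x, P)))
    return bodies
```

Against a live server the same parser would be fed the ServerKeyExchange bodies from several successive DHE handshakes; a repeated dh_Ys is the condition the Qualys test reports as "yes".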