New D/TLS attacks published

Researchers Nadhem AlFardan and Kenneth Paterson of the University of London’s Royal Holloway College on Monday released a paper demonstrating attacks on the TLS and DTLS protocols, the most popular ways to encrypt data on the Internet today. While the attacks require complex statistical analysis in order to decrypt the messages, code to exploit these weaknesses is likely to emerge in the wild in the relatively near term, given the high potential value of a successful attack.

The TLS (Transport Layer Security) protocol and its predecessor, the SSL (Secure Sockets Layer) protocol, are a core part of HTTPS (Hypertext Transfer Protocol Secure), the primary method of securing communications on the Web. The DTLS (Datagram Transport Layer Security) protocol is based on TLS and used for encrypting connections between applications that communicate over UDP (User Datagram Protocol).

“OpenSSL, NSS, GnuTLS, yaSSL, PolarSSL, Opera, and BouncyCastle are preparing patches to protect TLS in CBC-mode against our attacks,” the researchers said on their website. Network-based detection relies on the fact that a large number of requests must be sent to crack the encryption, much as with the BEAST attack against SSL/TLS in 2011. Vendors ranging from Microsoft to OpenSSL have released announcements on the subject, either verifying that their implementations are already secure, releasing patches, or confirming that patches are in development. Users are encouraged to upgrade all SSL-capable applications on their systems and networks as soon as feasible.
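Because the attack needs a large number of requests against one server, the traffic pattern itself is observable. The following is an added example, not code from the article or from the researchers, of a simple volume-based detector: it parses constructed log lines of TLS record and handshake failures, keeps a sliding time window per client source, and flags sources whose failure count within the window reaches a threshold. The log format, the event names (`tls_alert_bad_record_mac` and friends), the threshold and window values, and the sample lines are all assumptions made for this example; adapt the parser to your own server or IDS log format.

```python
"""
Added example (not from the article): sliding-window detector for bursts of
TLS record/handshake failures from a single client, the kind of volume that
a decryption attack needing many requests would produce.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta
import re

# Constructed log format: "<ISO timestamp> <client ip> <event name>"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) (?P<src>\S+) (?P<event>\S+)$"
)

# Event names that indicate a failed or aborted TLS record/handshake.
# These names are constructed for the example; map them to your own logs.
SUSPICIOUS_EVENTS = {
    "tls_alert_bad_record_mac",
    "tls_alert_decryption_failed",
    "tls_handshake_failure",
}


def parse_line(line):
    """Return (timestamp, source, event) for a well-formed line, else None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return datetime.fromisoformat(m.group("ts")), m.group("src"), m.group("event")


def find_noisy_sources(lines, threshold=50, window_seconds=300):
    """Return {source: peak_count} for every source whose suspicious-event
    count inside any `window_seconds` window reaches `threshold`.
    Lines are assumed to be in chronological order."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # source -> timestamps still inside the window
    peaks = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue                # skip malformed lines rather than crash
        ts, src, event = parsed
        if event not in SUSPICIOUS_EVENTS:
            continue
        q = recent[src]
        q.append(ts)
        # drop timestamps that have fallen out of the window
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            peaks[src] = max(peaks.get(src, 0), len(q))
    return peaks


def make_sample_log():
    """Constructed sample: one ordinary client with a single failure, and one
    client producing 120 bad_record_mac alerts in two minutes."""
    base = datetime(2013, 2, 5, 12, 0, 0)
    lines = [
        f"{base.isoformat()} 10.0.0.5 tls_handshake_ok",
        f"{(base + timedelta(seconds=30)).isoformat()} 10.0.0.5 tls_alert_bad_record_mac",
    ]
    for i in range(120):
        lines.append(
            f"{(base + timedelta(seconds=i)).isoformat()} 198.51.100.7 tls_alert_bad_record_mac"
        )
    lines.sort()                    # ISO timestamps sort chronologically
    return lines


if __name__ == "__main__":
    for src, count in find_noisy_sources(make_sample_log()).items():
        print(f"{src}: {count} TLS failures inside the window")
```

The threshold and window should be tuned against a baseline of the server's normal failure rate; a handful of `bad_record_mac` alerts from a flaky client is routine, whereas hundreds from one source in a few minutes is the pattern worth alerting on.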