HTTPS Side-Channel Attack A Tool For Encrypted Secret Theft

Researchers to release details on how SSL vulnerability gives attackers ability to steal everything from OAuth tokens to PII through an enterprise app in just 30 seconds

A new side channel vulnerability in HTTPS traffic could make it possible for targeted attackers to dig up secrets like session identifiers, CSRF tokens, OAuth tokens, and ViewState hidden fields without users ever being the wiser, say researchers who will explain how the attack could work at this year's Black Hat.

"It's a very powerful tool that -- if you know how to use it under certain conditions and you know who you're targeting -- you could potentially compromise the security of their channel without them being aware. The victim is not going to see any certificate errors," says Angelo Prado, lead product security engineer at Salesforce.com, who, together with Neal Harris, application security engineer at Square, will be presenting information in a session titled "SSL, Gone in 30 Seconds-A BREACH beyond CRIME." "The attack is going to rely on being able to piggyback on the victim's browser."

According to Prado, the research he and Harris did builds on the Compression Ratio Info-leak Made Easy (CRIME) exploit discovered last fall by researchers Juliano Rizzo and Thai Duong.

"We're building on the footsteps of CRIME. We came across a widespread problem that affects a significant portion of Internet-facing applications and are taking it beyond the original research," Prado says, explaining the genesis of his and Harris' research into SSL flaws. "When you're designing security protocols, you can implement cryptography properly, but you cannot always provide perfect confidentiality. When you mix a lot of protocols into the stack, there might be other layers in the stack that might be overly permissive, and then you might be able to compromise the entire trust relationship."

[Is malware getting around BIOS security measures? See BIOS Bummer: New Malware Can Bypass BIOS Security.]

According to Prado, the attacker may not have to know the victim, but would need to know the system to be targeted and understand the structure of the system. While he and Harris are holding back the bulk of the technical details until the talk, Prado says that the attack generally works by gumming up the browser with a "significant" number of requests, but not significant enough that it would be impossible for a normal browser to execute.

"This is not a DDoS. It's not like Lucky 13 or some of the RC4 attacks in the past that would require years or months to execute," he says. "Our attack would be visible 30 seconds to a half an hour depending on the complexity of the secrets and the dynamics of the page you're trying to target."

These bursts of traffic could point toward one potential mitigation for such an attack, Prado says, explaining that monitoring for these spikes could help pinpoint attacks. Unfortunately, he says that the possibility is high that the fix for the vulnerability is "nontrivial," so it's going to take work with the major browser vendors to look for other remediations and mitigations to lower the risk of users being targeted. He and his research partner are currently working with these vendors through CERT to come up with solutions in advance of Black Hat.

At the show, Prado and Harris will demonstrate an attack on a major enterprise application that will be able to uncover encrypted secrets in 30 seconds. They'll also be releasing a proof-of-concept tool that will allow users to test how the attack works against a sample page.

"And then you're going to be able to point that against your page to hack yourself and determine if you're vulnerable and, if you are, how bad it is," Prado says.

He hopes that his talk will raise awareness about the potential attack, which he says "is very real" and something that enterprises with high-value targets should be concerned about.

"Our attack is for an application that is very fortified, solid, and strong. I would imagine, potentially, a competitor or a foreign nation threat could use the attack to extract a secret off a page that would enable them to impersonate the user on that page," he says. "They might be able to recover a secret that then lets them escalate privileges and get into that application."

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading. View Full Bio