TLS Attacks
This is a follow-up to the article titled “Are TLS vulnerabilities considered critical for internal network?”
Below is a list of attacks that were built with one goal in mind: to break SSL/TLS. At the time of writing, TLS 1.3 is the most secure version; TLS 1.2 is still secure when configured carefully, and deployments should be moving to TLS 1.3. The list is purely informative. If a security scanner flags any of these findings against your IT infrastructure, the fix is to move the affected device to TLS 1.3, or at least to TLS 1.2 with the legacy cipher suites (3DES, RC4, export-grade, static RSA key exchange) disabled and the TLS library patched. Several entries below (Heartbleed, ROBOT, Sweet32, Zombie POODLE, CVE-2021-3449) are implementation or cipher-suite flaws that a protocol version bump alone does not close.
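As an added example (not part of the original article), here is a Python 3 helper built on the standard library's ssl module. It constructs a client context hardened along the lines just described and audits any context's cipher list against the attacks listed further down. The cipher-name heuristics, the cipher string and the legacy "ALL" context are this example's own assumptions, not a vendor recommendation, and the audit only looks at suite names, not at the peer.

```python
import ssl

# OpenSSL cipher-suite name prefixes whose key exchange is not static RSA. Everything else
# ("AES128-SHA", "DES-CBC3-SHA", ...) encrypts the premaster secret with the server's RSA key,
# which is the surface Bleichenbacher-style attacks such as ROBOT and DROWN need.
_NON_RSA_KEX = ("ECDHE-", "DHE-", "EDH-", "ECDH-", "DH-", "ADH-", "AECDH-", "PSK-", "SRP-", "TLS_")
_AEAD_MARKERS = ("GCM", "CCM", "CHACHA20")


def weak_reasons(name: str) -> list:
    """Map an OpenSSL cipher-suite name to the attacks in this list that it exposes you to.
    An empty list means nothing here applies. Name-based heuristic, constructed for this example."""
    reasons = []
    if "DES" in name:
        reasons.append("DES/3DES: 64-bit blocks (Sweet32)")
    if "RC4" in name:
        reasons.append("RC4: biased keystream")
    if name.startswith("EXP") or "EXPORT" in name:
        reasons.append("export-grade key sizes (FREAK, Logjam)")
    if "NULL" in name:
        reasons.append("NULL: no encryption or no authentication")
    if name.endswith("-MD5"):
        reasons.append("MD5 in the MAC or signature (SLOTH)")
    if name.startswith(("ADH-", "AECDH-")):
        reasons.append("anonymous key exchange: no server authentication")
    if not name.startswith(_NON_RSA_KEX):
        reasons.append("static RSA key exchange: no forward secrecy (ROBOT, DROWN surface)")
    if (not name.startswith("TLS_") and not any(m in name for m in _AEAD_MARKERS)
            and "RC4" not in name and "NULL" not in name):
        reasons.append("CBC with MAC-then-encrypt (BEAST on TLS 1.0, Lucky13, Zombie POODLE)")
    return reasons


def audit_context(ctx: ssl.SSLContext) -> list:
    """(suite, reasons) for every suite the context would still offer, TLS 1.2 and 1.3 alike."""
    return [(c["name"], weak_reasons(c["name"])) for c in ctx.get_ciphers() if weak_reasons(c["name"])]


def hardened_client_context() -> ssl.SSLContext:
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)   # certificate and hostname checks on by default
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # no SSLv3 / TLS 1.0 / 1.1: POODLE, BEAST, downgrades
    ctx.options |= ssl.OP_NO_COMPRESSION           # CRIME needs TLS-level compression
    # TLS 1.2 list: AEAD only and (EC)DHE only. TLS 1.3 suites are always AEAD with (EC)DHE.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!aNULL:!eNULL:!MD5")
    return ctx


def legacy_client_context() -> ssl.SSLContext:
    """An 'everything for compatibility' configuration, for contrast (assumption of this example)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers("ALL")   # offer whatever suites this OpenSSL build ships with
    return ctx


def hardening_report(ctx: ssl.SSLContext) -> dict:
    """The three checks a scanner finding usually boils down to."""
    return {
        "min_version_ok": ctx.minimum_version >= ssl.TLSVersion.TLSv1_2,
        "compression_disabled": bool(ctx.options & ssl.OP_NO_COMPRESSION),
        "weak_suites": audit_context(ctx),
    }


if __name__ == "__main__":
    for label, ctx in (("hardened", hardened_client_context()), ("legacy", legacy_client_context())):
        report = hardening_report(ctx)
        print(label, report["min_version_ok"], report["compression_disabled"])
        for suite, reasons in report["weak_suites"]:
            print("  ", suite, "->", "; ".join(reasons))
```

The same cipher string works for a server context; set_ciphers only governs TLS 1.2 and below, and the TLS 1.3 suites OpenSSL enables by default are all AEAD with ephemeral key exchange.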
1. POODLE (Padding Oracle On Downgraded Legacy Encryption)
TLS Versions Affected: SSL 3.0 (and any client or server that still accepts SSL 3.0 as a fallback)
Technical Details:
- POODLE (CVE-2014-3566) is a flaw in SSL 3.0's CBC padding: the receiver checks only the last padding byte, so a man-in-the-middle who swaps the final ciphertext block gets a padding oracle. Systems that prefer TLS but still allow SSL 3.0 are exposed, because the attacker first breaks the TLS handshakes until the client retries with SSL 3.0.
- Once downgraded, the attacker makes the victim's browser send requests whose length aligns a cookie byte with the padding block and learns one byte for roughly every 256 requests, enough to recover an HTTP session cookie. Disable SSL 3.0 entirely; TLS_FALLBACK_SCSV stops the downgrade for clients that support it.
2. BEAST (Browser Exploit Against SSL/TLS)
TLS Versions Affected: TLS 1.0 (and SSL 3.0) with CBC cipher suites
Technical Details:
- BEAST (CVE-2011-3389) targets CBC-mode suites in TLS 1.0, where the IV of each record is the last ciphertext block of the previous record, so the attacker knows the IV before the next record is encrypted.
- An attacker who can inject chosen plaintext into the victim's connection (for example through script on a malicious page) uses the known IV to test guesses for a plaintext byte one at a time and recovers data such as session cookies. TLS 1.1 fixed this with an explicit random IV per record; TLS 1.3 removed CBC suites altogether.
3. Sweet32
TLS Versions Affected: any SSL/TLS version offering 3DES (or another 64-bit block cipher) suites
Technical Details:
- Sweet32 (CVE-2016-2183) is a birthday attack on 64-bit block ciphers such as 3DES (DES-CBC3-SHA) in CBC mode. After about 2^32 blocks (roughly 32 GB) on one long-lived connection, collisions between ciphertext blocks become likely, and each collision leaks the XOR of two plaintext blocks.
- With a victim browser kept sending requests that carry a secret cookie next to attacker-known plaintext, those collisions are enough to recover the cookie. TLS 1.3 dropped 3DES; on TLS 1.2, remove every 3DES suite and cap the number of records sent per connection.
4. Heartbleed
TLS Versions Affected: none of the protocol versions as such; OpenSSL 1.0.1 through 1.0.1f (CVE-2014-0160, fixed in 1.0.1g)
Technical Details:
- Heartbleed is a missing bounds check in OpenSSL's handling of the TLS heartbeat extension (RFC 6520): the peer states how long its heartbeat payload is, and the vulnerable code copies that many bytes into the reply without checking that the received record actually contains them.
- Each crafted heartbeat returns up to 64 KB of adjacent process memory, which can hold private keys, session cookies and passwords, and the requests leave no trace in logs. Because the flaw sits in the library, upgrading the protocol version does nothing; patch OpenSSL, then reissue certificates and reset credentials that may have been exposed.
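As an added example (not OpenSSL's code and not from the original article), the following Python 3 simulation shows the missing check side by side with the fix. The "heap" is a constructed bytearray with the heartbeat record at offset 0 and a constructed secret right behind it; the function names and layout are this example's assumptions, but the length arithmetic mirrors the real RFC 6520 record format and the 1.0.1g fix.

```python
import struct

HB_REQUEST = 1
HEADER_LEN = 3     # 1 byte type + 2 bytes payload_length
MIN_PADDING = 16   # RFC 6520 requires at least 16 bytes of padding after the payload


def build_heartbeat(payload: bytes, claimed_length: int) -> bytes:
    """Heartbeat request body. A benign peer sets claimed_length == len(payload);
    the attack claims far more than it sends."""
    return bytes([HB_REQUEST]) + struct.pack("!H", claimed_length) + payload + b"\x00" * MIN_PADDING


def heartbeat_vulnerable(memory: bytearray, record_len: int):
    """Pre-1.0.1g behaviour: trusts payload_length from inside the record and copies that many
    bytes from just after the header, ignoring record_len (the bytes really received)."""
    if memory[0] != HB_REQUEST:
        return None
    payload_len = struct.unpack("!H", bytes(memory[1:HEADER_LEN]))[0]
    return bytes(memory[HEADER_LEN:HEADER_LEN + payload_len])   # the memcpy over-read


def heartbeat_fixed(memory: bytearray, record_len: int):
    """1.0.1g behaviour: the claimed payload plus padding must fit inside the received record,
    otherwise the request is silently discarded."""
    if memory[0] != HB_REQUEST or record_len < HEADER_LEN:
        return None
    payload_len = struct.unpack("!H", bytes(memory[1:HEADER_LEN]))[0]
    if HEADER_LEN + payload_len + MIN_PADDING > record_len:
        return None
    return bytes(memory[HEADER_LEN:HEADER_LEN + payload_len])


# Constructed stand-in for whatever happened to be next to the record on the real heap.
SECRET_NEIGHBOUR = b"-----BEGIN RSA PRIVATE KEY-----(constructed neighbouring heap data)"


def simulate(claimed_length: int, payload: bytes = b"hat"):
    """Lay the record out at the start of a constructed 'heap' with secret data right behind it,
    and return what each implementation would echo back: (vulnerable_reply, fixed_reply)."""
    record = build_heartbeat(payload, claimed_length)
    heap = bytearray(record) + bytearray(SECRET_NEIGHBOUR) + bytearray(65536)
    return heartbeat_vulnerable(heap, len(record)), heartbeat_fixed(heap, len(record))


if __name__ == "__main__":
    print(simulate(3))                      # (b'hat', b'hat'): benign request, both echo the payload
    leaked, fixed = simulate(0xFFFF)        # attacker claims 65535 bytes but sends 3
    print(len(leaked), fixed)               # 65535 None: the over-read contains SECRET_NEIGHBOUR
```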
5. FREAK (Factoring RSA Export Keys)
TLS Versions Affected: SSL/TLS clients and servers that still accept export-grade RSA cipher suites
Technical Details:
- FREAK (CVE-2015-0204 in OpenSSL, with matching bugs in other stacks) exploits leftover 1990s "export" cipher suites whose 512-bit RSA keys can be factored in hours with rented compute.
- A man-in-the-middle rewrites the ClientHello so the server picks an RSA_EXPORT suite; a buggy client then accepts the 512-bit export key in place of the server's real key. Once that key is factored, the attacker decrypts the premaster secret and can read or modify the session. Remove all EXPORT suites on both sides.
6. DROWN (Decrypting RSA with Obsolete and Weakened eNcryption)
TLS Versions Affected: any TLS server whose RSA private key is also usable by a service that still speaks SSLv2
Technical Details:
- DROWN (CVE-2016-0800) is a cross-protocol attack: the attacker records TLS 1.x sessions that used RSA key exchange, then replays their RSA-encrypted premaster secrets, slightly modified, to an SSLv2 endpoint that shares the same private key (for example a mail server using the same certificate).
- SSLv2's export ciphers and RSA key exchange turn that endpoint into a Bleichenbacher-style padding oracle, so after tens of thousands of SSLv2 probes one of the recorded TLS sessions can be decrypted. Disable SSLv2 everywhere the key is used and never share a key between hardened and legacy services.
7. CRIME (Compression Ratio Info-leak Made Easy)
TLS Versions Affected: TLS 1.2 and earlier with TLS-level (DEFLATE) compression enabled
Technical Details:
- CRIME (CVE-2012-4929) targets TLS-level compression. The compressed size of a record depends on how much of its plaintext repeats earlier plaintext, so an attacker who can add chosen bytes to a request and watch its encrypted size learns whether those bytes matched the secret next to them.
- By injecting guesses for a cookie one byte at a time and keeping the guess that shrinks the record, the attacker recovers the cookie. Browsers and servers disabled TLS compression in response, and TLS 1.3 removed it from the protocol.
8. BREACH (Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext)
TLS Versions Affected: any TLS version; the weakness is HTTP-level compression (gzip/deflate) of responses, not TLS itself
Technical Details:
- BREACH applies the CRIME idea to compressed HTTP response bodies. It needs a page that reflects attacker-controlled input (a search term, a query parameter) in the same response as a secret such as a CSRF token.
- The attacker makes the victim's browser request that page with crafted input and measures the size of the encrypted response: guesses that match the secret compress better. Disabling TLS compression does not help here; mitigations are to avoid reflecting input alongside secrets, to mask secrets with a fresh per-request value, to rate-limit, or to disable HTTP compression on sensitive responses.
9. Lucky13
TLS Versions Affected: TLS 1.0, 1.1 and 1.2 with CBC cipher suites (MAC-then-encrypt)
Technical Details:
- Lucky13 (CVE-2013-0169) is a timing attack on CBC record processing. After decryption the receiver strips the padding and then computes the MAC over whatever is left; with bad padding, slightly different amounts of data get MACed, so the time until the error alert differs by a few microseconds.
- A man-in-the-middle who repeatedly submits modified records and measures the response timing turns that difference into a padding oracle and recovers plaintext bytes. Patched libraries handle padding and MAC in constant time; switching to AEAD suites (AES-GCM, ChaCha20-Poly1305) removes the problem entirely.
10. SLOTH (Security Losses from Obsolete and Truncated Transcript Hashes)
TLS Versions Affected: TLS 1.2 (and earlier) where MD5 or SHA-1 is accepted for handshake signatures and transcript hashes
Technical Details:
- SLOTH targets weak hash functions in TLS handshake signatures and transcript hashes. TLS 1.2 lets peers advertise RSA-MD5 in the signature_algorithms extension, and many implementations accepted it.
- Using chosen-prefix collisions against MD5 (feasible in hours on commodity hardware) an attacker can forge a transcript that looks valid to both sides, which allows client impersonation and downgrade of the negotiated parameters. Remove MD5 and SHA-1 from the accepted signature algorithms; TLS 1.3 only allows SHA-256 and stronger.
11. Logjam
TLS Versions Affected: any TLS version using finite-field Diffie-Hellman (DHE) key exchange
Technical Details:
- Logjam (CVE-2015-4000) abuses the DHE_EXPORT cipher suites: a man-in-the-middle downgrades the handshake so the server sends a 512-bit DH group, which the client accepts because the group size is not authenticated in the negotiation.
- Discrete logarithms in a 512-bit group are computed within minutes once a one-time precomputation for that group is done, and most servers used the same few groups. The same precomputation against common 1024-bit groups is within reach of a state-level attacker. Disable export suites, use 2048-bit or larger unique DH groups, or prefer ECDHE.
12. Poodle (Padding Oracle On Downgraded Legacy Encryption) for TLS
TLS Versions Affected: TLS 1.0 to 1.2 in implementations that do not check the CBC padding bytes
Technical Details:
- This variant (CVE-2014-8730) does not need a downgrade to SSL 3.0. Some TLS stacks, notably on load-balancer appliances, copied the SSL 3.0 behaviour and ignored the content of the padding bytes in TLS records, which recreates the POODLE padding oracle inside TLS itself.
- The attack then proceeds exactly as for SSL 3.0: the final ciphertext block is replaced with the block holding the target byte, and acceptance reveals one byte of plaintext per roughly 256 requests. The fix is a patched implementation or, better, AEAD cipher suites that have no padding to check.
13. ROBOT (Return Of Bleichenbacher's Oracle Threat)
TLS Versions Affected: TLS 1.2 and earlier with RSA key exchange (TLS 1.3 removed RSA key ex­change)
Technical Details:
- ROBOT (2017) showed that Bleichenbacher's 1998 adaptive chosen-ciphertext attack on PKCS#1 v1.5 still worked against many TLS stacks. Servers reacted differently (a different alert, a timeout or a TCP reset) depending on whether the padding of a forged ClientKeyExchange decrypted correctly, which is exactly the oracle the attack needs.
- Using that oracle the attacker decrypts the RSA-encrypted premaster secret of a recorded session, and with it the whole session, or makes the server sign arbitrary data with its private key, without ever obtaining the key. Patch the implementation and disable RSA key exchange in favour of (EC)DHE.
14. GoldenEye (ROBOT Attack Variant)
TLS Versions Affected: RSA key exchange in TLS
Technical Details:
- GoldenEye is a variant of the ROBOT attack that affects RSA key exchange in TLS.
- It exploits weaknesses in the RSA key exchange to recover the session key and decrypt the communication.
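As an added example for items 13 and 14 (not from the original article and not any library's code), the script below shows why the RSA key exchange becomes an oracle and what the RFC 5246 section 7.4.7.1 countermeasure looks like. It works on the PKCS#1 v1.5 block a server sees after RSA decryption, so no RSA arithmetic is needed; the modulus size, client version, probe blocks and fallback bytes are constructed. Python cannot be made constant-time, so the hardened version demonstrates the branch-free structure rather than a timing guarantee.

```python
PREMASTER_LEN = 48
CLIENT_VERSION = b"\x03\x03"          # TLS 1.2, as announced in the ClientHello (constructed)
MODULUS_LEN = 128                     # 1024-bit key, kept small for the example (constructed)
FALLBACK = bytes(range(100, 148))     # stands in for the random premaster a real server would draw


def make_em(pms: bytes, block_type: int = 2, separator: int = 0) -> bytes:
    """The encoded block after RSA decryption: 00 || 02 || PS (non-zero bytes) || 00 || premaster."""
    ps_len = MODULUS_LEN - 3 - len(pms)
    ps = bytes(range(1, ps_len + 1))   # no zero bytes, so this is a valid padding string
    return bytes([0, block_type]) + ps + bytes([separator]) + pms


def unpad_vulnerable(em: bytes) -> bytes:
    """Each failure takes its own path and produces its own alert (or timing): the oracle."""
    if em[:2] != b"\x00\x02":
        raise ValueError("bad block type")
    sep = em.find(b"\x00", 2)
    if sep < 0:
        raise ValueError("no separator")
    pms = em[sep + 1:]
    if len(pms) != PREMASTER_LEN:
        raise ValueError("bad premaster length")
    if pms[:2] != CLIENT_VERSION:
        raise ValueError("version mismatch")
    return pms


def unpad_hardened(em: bytes, fallback: bytes = FALLBACK) -> bytes:
    """RFC 5246 7.4.7.1 style: compute a validity flag over the whole block, then select either the
    real premaster or a random one and always continue to the Finished message, which fails
    identically either way. No early exit, so nothing distinguishes the failure modes."""
    pms = em[-PREMASTER_LEN:]
    ok = int(em[0] == 0) & int(em[1] == 2) & int(em[-PREMASTER_LEN - 1] == 0)
    for b in em[2:-PREMASTER_LEN - 1]:
        ok &= int(b != 0)
    ok &= int(pms[:2] == CLIENT_VERSION)
    mask = -ok & 0xFF                      # 0xFF when valid, 0x00 when not
    return bytes((p & mask) | (f & ~mask & 0xFF) for p, f in zip(pms, fallback))


GOOD_PMS = CLIENT_VERSION + bytes(range(1, 47))
PROBES = {   # constructed ciphertexts an attacker might submit, already RSA-decrypted
    "valid": make_em(GOOD_PMS),
    "wrong block type": make_em(GOOD_PMS, block_type=1),
    "missing separator": make_em(GOOD_PMS, separator=1),
    "wrong version": make_em(b"\x03\x01" + bytes(range(1, 47))),
}


def oracle_outcomes(unpad, probes=PROBES) -> dict:
    """The server's visible reaction per probe: what the attacker can tell apart."""
    out = {}
    for label, em in probes.items():
        try:
            unpad(em)
            out[label] = "continue to Finished"
        except ValueError as e:
            out[label] = "alert: " + str(e)
    return out


if __name__ == "__main__":
    print(oracle_outcomes(unpad_vulnerable))   # four different reactions: a working oracle
    print(oracle_outcomes(unpad_hardened))     # one reaction for every probe: no oracle
```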
15. DragonBlood
TLS Versions Affected: none; WPA3-Personal's Dragonfly (SAE) handshake in Wi-Fi networks (listed here only as a related protocol attack)
Technical Details:
- DragonBlood (2019) attacks the password-authenticated key exchange of WPA3, where the password is converted into a group element in a loop whose number of iterations depends on the password.
- Timing and cache side channels leak that iteration count and allow an offline dictionary attack on the Wi-Fi password; separate downgrade attacks force clients onto WPA2 or onto weaker groups. Vendor firmware updates changed the password element derivation to run in constant time.
16. SWEET32 (Birthday Attacks on 3DES)
Duplicate of item 3 (Sweet32) above; see that entry.
17. CacheBleed
TLS Versions Affected: none as such; OpenSSL's RSA implementation (CVE-2016-0702, fixed in 1.0.2g and 1.0.1s) running on Intel Sandy Bridge CPUs with Hyper-Threading
Technical Details:
- CacheBleed is a micro-architectural side channel: an attacker process on the sibling hyper-thread of the same core provokes cache-bank conflicts and measures their timing to learn which cache bank the victim's OpenSSL RSA code touches during a private-key operation.
- That access pattern depends on the secret exponent, so over many observed decryptions the attacker recovers enough bits to reconstruct the RSA private key. It matters on shared hosts (cloud VMs, multi-tenant servers); the fix was a patched OpenSSL, and more generally, never co-schedule untrusted code on the sibling thread of a process that handles keys.
18. Zombie POODLE
TLS Versions Affected: TLS 1.2 (and earlier) with CBC cipher suites on affected implementations
Technical Details:
- Zombie POODLE (2019) is an implementation flaw rather than a protocol one: some TLS stacks respond differently (a different alert, or a TCP reset instead of an alert) when a CBC record has bad padding than when it has a bad MAC, which is again a padding oracle.
- A man-in-the-middle who resubmits modified records and watches those responses decrypts plaintext bytes the same way POODLE does, with no downgrade needed. Patch the stack and prefer AEAD cipher suites so that no CBC padding is processed at all.
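As an added example for items 1, 12 and 18 (not from the original article), the script below runs the POODLE block-copy attack end to end against a constructed record layer. The block cipher is a toy Feistel network over HMAC-SHA256 so that only the standard library is needed; the keys, the cookie and the request shape are constructed. The receiver can be switched between the SSL 3.0 rule (check only the last padding byte) and the TLS rule (check every padding byte) to show why the latter kills this particular trick.

```python
import hashlib
import hmac
import os

BLOCK, MAC_LEN = 16, 16


def _round(key: bytes, rnd: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Toy 128-bit block cipher (4-round Feistel). The attack never looks inside it."""
    l, r = block[:8], block[8:]
    for rnd in range(4):
        l, r = r, bytes(a ^ b for a, b in zip(l, _round(key, rnd, r)))
    return l + r


def block_decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for rnd in reversed(range(4)):
        l, r = bytes(a ^ b for a, b in zip(r, _round(key, rnd, l))), l
    return l + r


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(pt), BLOCK):
        prev = block_encrypt(key, xor(pt[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(ct), BLOCK):
        out.append(xor(block_decrypt(key, ct[i:i + BLOCK]), prev))
        prev = ct[i:i + BLOCK]
    return b"".join(out)


def mac(key: bytes, body: bytes) -> bytes:
    return hmac.new(key, body, hashlib.sha256).digest()[:MAC_LEN]


class RecordReceiver:
    """Receiver side of a CBC record layer. strict_padding=False is the SSL 3.0 rule (only the
    padding-length byte is checked); True is the TLS rule (every padding byte must equal it)."""
    def __init__(self, enc_key: bytes, mac_key: bytes, strict_padding: bool = False):
        self.enc_key, self.mac_key, self.strict = enc_key, mac_key, strict_padding

    def accepts(self, iv: bytes, ct: bytes) -> bool:
        pt = cbc_decrypt(self.enc_key, iv, ct)
        pad_len = pt[-1]
        if pad_len >= BLOCK:
            return False
        if self.strict and any(b != pad_len for b in pt[-(pad_len + 1):]):
            return False
        cut = len(pt) - (pad_len + 1)
        body, tag = pt[:cut - MAC_LEN], pt[cut - MAC_LEN:cut]
        return hmac.compare_digest(tag, mac(self.mac_key, body))   # MAC over the body only, for brevity


def victim_request(enc_key: bytes, mac_key: bytes, cookie: bytes, prefix_len: int, suffix_len: int):
    """The victim's browser, steered by attacker script, sends a request whose prefix and suffix
    lengths are attacker-chosen. The body is block-aligned, so the padding is one full block."""
    body = b"A" * prefix_len + cookie + b"B" * suffix_len
    pt = body + mac(mac_key, body) + b"\x00" * (BLOCK - 1) + bytes([BLOCK - 1])
    iv = os.urandom(BLOCK)
    return iv, cbc_encrypt(enc_key, iv, pt)


def poodle_recover(server: RecordReceiver, send, cookie_len: int, max_tries: int = 20000):
    """Recover the cookie, about 256 requests per byte. send(prefix_len, suffix_len) returns the
    (iv, ciphertext) of a fresh victim request. Returns None if the oracle never fires."""
    recovered = bytearray()
    for i in range(cookie_len):
        prefix_len = (BLOCK - 1 - i) % BLOCK                 # put cookie[i] on a block's last byte
        suffix_len = (-(prefix_len + cookie_len)) % BLOCK    # keep the body block-aligned
        target = (prefix_len + i) // BLOCK                   # plaintext block that holds cookie[i]
        for _ in range(max_tries):
            iv, ct = send(prefix_len, suffix_len)
            blocks = [iv] + [ct[j:j + BLOCK] for j in range(0, len(ct), BLOCK)]
            tampered = b"".join(blocks[1:-1] + [blocks[1 + target]])   # target block replaces padding block
            if server.accepts(iv, tampered):
                # Accepted means D(C_target)[15] ^ C_mac[15] == 15; the real byte is D(C_target)[15] ^ C_prev[15].
                recovered.append((BLOCK - 1) ^ blocks[-2][-1] ^ blocks[target][-1])
                break
        else:
            return None
    return bytes(recovered)


ENC_KEY, MAC_KEY = b"enc-key-constructed-for-demo", b"mac-key-constructed-for-demo"   # constructed
COOKIE = b"sid=7f3a"   # constructed secret the attacker is after


def run_demo(strict_padding: bool = False, max_tries: int = 20000):
    server = RecordReceiver(ENC_KEY, MAC_KEY, strict_padding)
    return poodle_recover(server, lambda p, s: victim_request(ENC_KEY, MAC_KEY, COOKIE, p, s),
                          len(COOKIE), max_tries)


if __name__ == "__main__":
    print(run_demo())             # b'sid=7f3a'
    print(run_demo(True, 300))    # None: with every padding byte checked the copied block is never accepted
```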
19. SLOTH (Security Losses from Obsolete and Truncated Transcript Hashes)
Duplicate of item 10 (SLOTH) above; see that entry.
20. CVE-2021-3449 (OpenSSL NULL pointer dereference in TLS 1.2 renegotiation)
TLS Versions Affected: OpenSSL 1.1.1 through 1.1.1j servers with TLS 1.2 and client-initiated renegotiation enabled (fixed in 1.1.1k)
Technical Details:
- Although sometimes described as a cipher downgrade, this bug is a denial of service: a client that completes a handshake including the signature_algorithms extension and then sends a renegotiation ClientHello that omits it (but includes signature_algorithms_cert) makes the server dereference a NULL pointer and crash.
- It does not let an attacker weaken the negotiated cipher suite. Upgrade OpenSSL; if that is not possible, disable renegotiation, which TLS 1.3 no longer has anyway.