DROWNing HTTPS
The DROWN (CVE-2016-0800) vulnerability identifies a server that is open to a non-trivial attack that relies on SSLv2 support, to which at least a third of all internet servers were vulnerable as of March 2016. Attackers will take advantage of SSLv2 supported by an application using the same keys as are used to salt or help randomize TLS (the more recent protocol versions). By initiating tens of thousands of SSLv2 messages, they are able to glean the keys used in more robust and current versions of TLS, and thus break the higher-grade encryption with stolen private keys. Once thought to be impractical based on the sheer number of messages believed to be needed; they also call this the million message attack; it is now known ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access