Posted on 23-Dec-2015

Beast Attack

By Swapnesh Chaubal and Rohit Bhat

Introduction

BEAST: Browser Exploit Against SSL/TLS.

Juliano Rizzo and Thai Duong demonstrated this attack.

The Attack

SSL and TLS.

Encryption of segments above the transport layer.

Securing World Wide Web traffic carried by HTTP to form HTTPS.

How does it attack?

PayPal SSL certificate example.

JavaScript code.

Decrypts encrypted cookies.

Vulnerability in websites protected by the Secure Sockets Layer protocol.

Silently decrypts the data.

What gets infected?

TLS 1.0 and earlier.

All websites protected by SSL.

Severity of Attack

BEAST is different from most published attacks against HTTPS.

The exploit works even against sites that use HSTS (HTTP Strict Transport Security), which prevents certain pages from loading unless they are protected by SSL.

Encrypted transactions on PayPal, Gmail and just about every other website are vulnerable to eavesdropping by hackers.

Shortcoming in browsers

Firefox itself is not vulnerable: no TLS 1.0, no control over the content of connections.

Developer version of Google's Chrome browser.

Results of removing the Java plugin

Large organizations rely on Java.

VPN.

Web conferencing.

What was the Demo?

Decrypt an authentication cookie used to access a PayPal account.

Trick the user into inserting plaintext characters.

How to prevent the attack?

"Empty fragment" feature in OpenSSL.

Insert a single empty TLS record before every record.

Randomizes the IV of the actual records.

Tor Browser requires OpenSSL 0.9.7 or later.
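Why an empty record changes the IV of the real one, as an added Python simulation of the TLS 1.0 CBC record layer (not OpenSSL's code and not from the presentation). It assumes a keyed hash as a stand-in for the block cipher and a simplified record framing; the `Tls10Sender` class and its `send` method are constructed for this illustration.

```python
import hashlib
import hmac

BLOCK = 16  # AES block size; CBC chaining in TLS 1.0 works per block

def block_encrypt(key, block):
    # Stand-in for the block cipher (assumption: a keyed PRF truncated to
    # one block, not real AES). Only the CBC chaining matters for this demo.
    return hashlib.sha256(key + block).digest()[:BLOCK]

def cbc_encrypt(key, iv, data):
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = block_encrypt(key, bytes(a ^ b for a, b in zip(prev, data[i:i + BLOCK])))
        out.append(prev)
    return b"".join(out)

def tls10_pad(data):
    # TLS padding: pad_len + 1 bytes, each holding the value pad_len
    pad_len = (BLOCK - (len(data) + 1) % BLOCK) % BLOCK
    return data + bytes([pad_len]) * (pad_len + 1)

class Tls10Sender:
    """TLS 1.0 CBC record layer: the last ciphertext block of one record is the IV of the next."""
    def __init__(self, enc_key, mac_key, initial_iv):
        self.enc_key, self.mac_key = enc_key, mac_key
        self.next_iv = initial_iv   # from the handshake, not visible to an eavesdropper
        self.seq = 0
        self.on_wire = []           # ciphertext records an eavesdropper has already seen

    def _encrypt_record(self, fragment):
        mac = hmac.new(self.mac_key, self.seq.to_bytes(8, "big") + fragment, hashlib.sha1).digest()
        self.seq += 1
        iv = self.next_iv
        ct = cbc_encrypt(self.enc_key, iv, tls10_pad(fragment + mac))
        self.next_iv = ct[-BLOCK:]  # chaining: this block becomes the next record's IV
        return iv, ct

    def send(self, fragment, empty_fragment=False):
        """Encrypt one fragment. Returns (records, iv_predictable): iv_predictable is True
        when the IV that encrypts `fragment` was already on the wire when it was supplied."""
        visible_tails = {ct[-BLOCK:] for ct in self.on_wire}
        records = []
        if empty_fragment:
            records.append(self._encrypt_record(b"")[1])  # empty record consumes the known IV
        iv, ct = self._encrypt_record(fragment)
        records.append(ct)
        self.on_wire.extend(records)  # both records leave in the same flight
        return records, iv in visible_tails
```

With the empty fragment, the data record's IV is the tail of a record that was not on the wire when the fragment was chosen, which is what "randomizes the IV" means here.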

Beast Attack Demo

References

http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/

http://en.wikipedia.org/wiki/Transport_Layer_Security

https://blog.torproject.org/blog/tor-and-beast-ssl-attack

http://www.theregister.co.uk/2011/09/29/firefox_killing_java/

THANK YOU!