Bar-Mitzva Attack: Breaking SSL with 13-Year Old RC4 Weakness

Presented at Black Hat Asia 2015, Unknown date/time (Unknown duration)

RC4 is the most popular stream cipher in the world, and in particular is used to protect a significant portion of SSL/TLS sessions. In this session, we will show how an old vulnerability of RC4 can be used to mount a partial plaintext recovery attack on SSL-protected data, when RC4 is the chosen cipher. As opposed to BEAST, POODLE, CRIME, and other attacks on SSL that were published in the recent years, including the attack by Bernstein et-al on the usage of RC4, the new attack is not limited to recovery of temporal session tokens, but can be used to steal parts of permanent secret data such as account credentials when delivered as POST parameters. Furthermore, one of the variants of the new attack requires only passive eavesdropping to SSL connections, and presents the first practical attack on SSL that does not require active Man-in-the-Middle. Another unique characteristic of the new attack allows one of its variants to recover with non-negligible probability, parts of a secret that was transmitted only once over the TLS connection.

Presenters:

• Itsik Mantin - Imperva
  For over 15 years, Mantin has been researching, designing, analyzing, and problem solving in various security-related domains, including DRM systems, web application security, automotive systems protection against cyber-attacks, and more. Mantin is the inventor of 15 patents in these fields. A significant portion of his work in the field was on the mathematical aspects of security -cryptography and cryptanalysis, fingerprinting and watermarking, statistical modeling of traffic patterns, various encoding and compression problems, and more. Mantin has shared his knowledge gained in the field as a presenter at OWASP Israel and many exclusive Cryptography conferences, such as Eurocrypt, Asiacrypt and Fast Software encryption. Mantin holds an master's degree in Applied Math and Computer Science from the Weizmann Institute.

Links:

• https://www.blackhat.com/asia-15/briefings.html#Mantin
• https://www.youtube.com/watch?v=AHkUCD_EYok
• https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness.pdf
• https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf

Similar Presentations:

• THOTCON 0x1 (2010) / How Everyone Screws Up SSL
• Notacon 8 (2011) / SSL Wars - The Dark Side of SSL
• Black Hat USA 2010 / State of SSL on the Internet: 2010 Survey, Results and Conclusions