Researchers Find Hole in TLS, Can Now Snoop on Your Secure Traffic
Researchers at the Royal Holloway University of London have uncovered a range of methods to attack the TLS cryptographic protocol to expose encrypted data circulating between clients and servers.
According to the report, exploitation of the TLS protocol requires that the attacker be close to the target machine to detect small differences in the time at which TLS error messages appear on the network in response to attacker-generated cipher-text.
“Because of network jitter and other effects, the times observed by the attacker are noisy, and multiple samples of each time are needed to make the attacks reliable,” wrote the researchers in a blog post on the findings. “In their simplest form, our attacks can reliably recover a complete block of TLS-encrypted plaintext using about 223 TLS sessions, assuming the attacker is located on the same LAN as the machine being attacked and HMAC-SHA1 is used as TLS’s MAC algorithm.“
TLS is currently used as the de-facto encryption mechanism for securing communications against man-in-the-middle attacks and traffic sniffing. It provides data conﬁdentiality and integrity even when the user is sending sensitive information across insecure networks, such as unencrypted Wi-Fi or public wired networks.
Bottom-line: don’t rely on mathematics to safeguard your private data. When transferring critical information across a network, make sure you’re not doing this across public networks or while connected to wireless hotspots.