DROWN attack: Difference between revisions

Browse history interactively ← Previous edit Next edit →Content deleted Content addedVisual WikitextInline

Revision as of 00:24, 2 March 2016 editMarkshale (talk \| contribs)Extended confirmed users669 edits == See also == * Bleichenbacher attack ← Previous edit		Revision as of 00:27, 2 March 2016 edit undoMarkshale (talk \| contribs)Extended confirmed users669 edits moreNext edit →
Line 19:		Line 19:
	}}</ref> Full details of DROWN were announced in March 2016, together with a patch for the exploit.		}}</ref> Full details of DROWN were announced in March 2016, together with a patch for the exploit.

	DROWN exploits a vulnerability in the protocols used and the configuration of the server, rather than any specific implementation error.		DROWN exploits a vulnerability in the protocols used and the configuration of the server, rather than any specific implementation error. According to the discoverers, the exploit cannot be fixed by making changes to client software such as web browsers.

			The exploit includes a ] and the use of a ].

	The ] group has released a security advisory, and a set of patches intended to mitigate the vulnerability by removing support for obsolete protocols and ciphers.<ref>{{Cite web		The ] group has released a security advisory, and a set of patches intended to mitigate the vulnerability by removing support for obsolete protocols and ciphers.<ref>{{Cite web
Line 34:		Line 36:
	== References ==		== References ==
	{{reflist}}		{{reflist}}

	== See also ==
	* ]

	== External links ==		== External links ==

Revision as of 00:27, 2 March 2016

The DROWN attack is a security bug that attacks servers supporting modern TLS protocol suites by using their support for the obsolete, insecure, SSLv2 protocol to leverage an attack on connections using up-to-date protocols that would otherwise be secure. Full details of DROWN were announced in March 2016, together with a patch for the exploit.

DROWN exploits a vulnerability in the protocols used and the configuration of the server, rather than any specific implementation error. According to the discoverers, the exploit cannot be fixed by making changes to client software such as web browsers.

The exploit includes a chosen-ciphertext attack and the use of a Bleichenbacher oracle.

The OpenSSL group has released a security advisory, and a set of patches intended to mitigate the vulnerability by removing support for obsolete protocols and ciphers. Several other vulnerabilities were patched at the same time.,

References

Leyden, John (1 March 2016). "One-third of all HTTPS websites open to DROWN attack". The Register. Retrieved 2016-03-02.
Goodin, Dan (1 March 2016). "More than 11 million HTTPS websites imperiled by new decryption attack". Ars Technica. Retrieved 2016-03-02.
"Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)". OpenSSL. 1 March 2016.

External links

TLS and SSL

Protocols and technologies

Transport Layer Security / Secure Sockets Layer (TLS/SSL)
Datagram Transport Layer Security (DTLS)
Server Name Indication (SNI)
Application-Layer Protocol Negotiation (ALPN)
DNS-based Authentication of Named Entities (DANE)
DNS Certification Authority Authorization (CAA)
HTTPS
HTTP Strict Transport Security (HSTS)
HTTP Public Key Pinning (HPKP)
OCSP stapling
Opportunistic TLS
Perfect forward secrecy

Public-key infrastructure

Automated Certificate Management Environment (ACME)
Certificate authority (CA)
CA/Browser Forum
Certificate policy
Certificate revocation
- Certificate revocation list (CRL)
- Online Certificate Status Protocol (OCSP)
- OCSP stapling
Domain-validated certificate (DV)
Extended Validation Certificate (EV)
Public key certificate
Public-key cryptography
Public key infrastructure (PKI)
Root certificate
Self-signed certificate