LEGENDS SPEAK of the a security flaw discovered some two decades ago but it looks like the vulnerability has reared its head once again.
ROBOT, which stands for Return of Bleichenbacher’s Oracle Threat, is a variation of a 1997 vulnerability in the transport layer security protocol for web encryption originally uncovered by security researcher Daniel Bleichenbacker.
The vulnerability affected TLS servers that uses RSA encryption and how it handles error messages.
Savvy hackers could exploit the how the RSA encryption responded to certain queries and cause it to leak sensitive information. From there hackers could decrypt ciphertext without needing the decryption key.
Rather than plugging the flaw, SSL architects came up with ways that suppressed the error messages to prevent them from leaking an encrypted session key.
Now this vulnerability has returned and appears to affect 27 out of 100 of the world’s most visited websites, including the likes of Facebook and PayPal.
Newly discovered by a trio of researchers, the resurgence of ROBOT was reported to Facebook who quickly patched over the security hole.
And while ROBOT isn’t anywhere as dangerous as Heartbleed, due to the need for hackers to make thousands of connections to a targeted site, it still poses a serious problems to website and services that don’t fix the flaw before hackers get wind of it.
As it stands the researchers exploitation of the flaw is but a proof of concept so far, which they’re keeping quiet until the affected sites have time to plug the security hole.
For people worries about the flaw, the researchers recommend disabling RSA encryption.
“ROBOT only affects TLS cipher modes that use RSA encryption. Most modern TLS connections use an Elliptic Curve Diffie Hellman key exchange and need RSA only for signatures. We believe RSA encryption modes are so risky that the only safe course of action is to disable them,” the researchers explained. “Apart from being risky these modes also lack forward secrecy.”
“By disabling RSA encryption we mean all ciphers that start with TLS_RSA. It does not include the ciphers that use RSA signatures and include DHE or ECDHE in their name. These ciphers are not affected by our attack.”
It’s likely that ROBOT will prompt affected websites to patch it out as soon as possible, so the ramifications of the security hole’s return may not be significant. But it does rather knock the old maxim that ‘time heals all wounds’ to the ground, at least in IT terms. µ
Source : Inquirer