The discovery at Lucent Technologies, Inc.'s Bell Labs research division of a security vulnerability in the Secure Sockets Layer (SSL) protocol last week has prompted several vendors of Web servers to quickly issue software patches and security advice to the public.
SSL is a session-layer encryption protocol invented at Netscape Communications Corp. by Taher Elgamal with underlying technology from RSA Data Security, Inc. The protocol is widely used on the Internet to encrypt a session between a Web server and a browser.
The flaw in SSL, found by Bell Labs researcher Daniel Bleichenbacker, would let a hacker figure out the key for decrypting an intercepted SSL session by using a complex process of mathematical comparisons to analyze how an SSL-based Web server responds to a very long stream of messages. This would apparently take about one million session attempts.
Though hackers are not yet known to have automated this complex process into hacker software that would work at the press of a key, the worry that the hacker crowd may eventually do so has prompted a concerted defensive posture.
"It's the worry that this attack could be automated and the implications for electronic commerce," said Scott Schnell, vice president of marketing at RSA Data Security, Inc.
SSL is widely used on the Web for encrypting credit cards, passwords and other information that Web users would prefer to keep confidential. Schnell said the SSL security vulnerability discovered by Bell Labs affects the interactive key establishment protocols that use the Public Key Cryptography Standard (PKCS) 1, invented several years ago at RSA.
The vulnerability appears to be limited to servers that use SSL but not Web browsers.
Schnell said RSA is altering PKCS 1 to prevent hackers from exploiting the current design flaw. A second version of the PKCS suite will likely be out in July.
C2net Software, Inc., Consensus Development Corp., IBM, Lotus Development Corp., Microsoft Corp., Netscape, Open Market, Inc. and RSA were among the vendors that all posted advisories on their Web sites about the SSL flaw; Bell Labs also posted information.
Bell Labs quietly notified RSA of the vulnerability a month ago, but IBM said it only found out about the problem with SSL the day before the public announcement Friday. IBM said it is analyzing the possible impact to its Web gear and would make fixes available as soon as possible.
For its part, Microsoft, stated that it has already developed updated versions of Microsoft Internet Information Server 3.0 and 4.0, Microsoft Site Server 3.0 Commerce Edition, Microsoft Site Server Enterprise Edition, Microsoft Exchange 5.0 and 5.5 for SSL-enabled POP3 and SMTP.
Microsoft also advised customers to change their server-side certificates on a regular basis so a hacker won't be able to use this vulnerability to decode transactions that were encrypted with the previous private key. Microsoft also suggested not using the same certificate on entire clusters of servers, also known as server farms.
"If multiple servers are configured with the same certificate, an attacker could use the processing strength of each server to try to break a single session, thus reducing the time required," Microsoft stated on its Web site.
RELATED LINKS
Details of the flaw
from Bell Labs.
Fix, FAQ and analysis of the flaw from RSA.
Cryptography articles and resources.
Apply for your free subscription to Network World. Click here. Or get Network World delivered in PDF each week.
Request a reprint or permission to use this article.
