Three days ago on the 3rd of November Marsh Ray and Steven Dispensa of PhoneFactor released a whitepaper that describes a man in the middle attack against TLS and SSL v3 by using the “renegotiation” feature of the protocol. Let there be no mistake, this is a limited, but still serious attack.

This new attack adds to the issues published by Moxie Marlinspike, Dan Kaminski and Mike Zusman I blogged about earlier.

So what does this new attack do?

The attack described by Marsh Ray et al. exploits a feature of the TLS protocol called renegotiation. Renegotiation allows the TLS client or server to initiate a renegotiation of the encryption of the connection in order to refresh keys, increase authentication, increase the strength of the cipher suite or any other reason. This renegotiation can be performed by the server or the client by sending a server or client hello message.

Read more…

Moxie Marlinspike, Dan Kaminski and Mike Zusman all presented talks at both Blackhat and Defcon that expose serious flaws the implementation and model of SSL and the way we us it today.
Read more…