Major browser vendors including Mozilla and Google have announced that they are to deactivate the SSL 3.0 cryptography standard following the discovery of a nasty vulnerability in the standard.
Discovered and publicised in a document released back in September by Googlers Bodo Möller, Thai Duong and Krzysztof Kotowicz, the Poodle attack - Padding Oracle On DOwngraded Legacy Encryption - allows attackers to obtain bearer tokens, including supposedly secure HTTP cookies that would allow a supposedly authenticated and encrypted SSL 3.0 session to be hijacked for nefarious means.
The flaw stems from backwards compatibility added to most browsers. While the majority of sites have long since abandoned Secure Sockets Layer (SSL) encryption in favour of its replacement Transport Layer Security (TLS), a few sites have not - and to support these, browsers include the outdated SSL standards and will negotiate downwards to the highest security standard supported by a given site. This downgrade process can also be exploited by an attacker, however, forcing a connection to use a known-weak encryption method despite supporting better standards.
The result: a worrying hole in the security of most modern web browsers. That is changing, with both Google and Mozilla announcing that they will be looking to remove SSL support from their respective browsers. 'SSL version 3.0 is no longer secure. We have a plan to turn off SSLv3 in Firefox. This plan was developed with other browser vendors after a team at Google discovered a critical flaw in SSLv3, which can allow an attacker to extract secret information from inside of an encrypted transaction,' explained Mozilla's Richard Barnes in a blog post on the matter published late last night. 'SSLv3 will be disabled by default in Firefox 34, which will be released on Nov 25. The code to disable it is landing today in Nightly, and will be promoted to Aurora and Beta in the next few weeks.'
Barnes indicates that only 0.3 per cent of transactions carried out via the Firefox web browser require SSLv3, but admits that 'due to the size of the web, it still amounts to millions of transactions per day.' Particularly badly affected will be sites that support legacy users, with older browsers like Internet Explorer 6 unable to support anything higher than SSLv3 - thus disabling secure connectivity altogether if the server has SSLv3 disabled.
Google, too, is looking to kill off SSLv3 - despite this compatibility problem. 'Google Chrome will begin testing changes today that disable the fallback to SSL 3.0. This change will break some sites and those sites will need to be updated quickly,' explained Möller, co-discoverer of the Poodle attack, in a blog post. 'In the coming months, we hope to remove support for SSL 3.0 completely from our client products.'
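A simplified model of the fallback behaviour described in this article, added here as an illustration and not taken from any browser's code: the function names, the version list and the `disrupted` set (handshake attempts that fail in transit) are assumptions of the model. It shows why a client that still accepts SSL 3.0 can end up on it even when the site supports TLS, and why a client with SSL 3.0 disabled fails the connection instead, including against SSLv3-only sites.

```python
# Toy model of protocol-version fallback (added example, not browser code).
# Versions are ordered weakest to strongest.
VERSIONS = ["SSLv3", "TLSv1.0", "TLSv1.1", "TLSv1.2"]
RANK = {v: i for i, v in enumerate(VERSIONS)}


def handshake(offered_max, server_versions, disrupted):
    """One handshake attempt; returns the agreed version or None on failure.

    `disrupted` is the set of offered versions whose handshakes never
    complete (assumption: models interference on the network path).
    """
    if offered_max in disrupted:
        return None
    usable = [v for v in server_versions if RANK[v] <= RANK[offered_max]]
    return max(usable, key=RANK.get) if usable else None


def connect(server_versions, client_min="SSLv3", disrupted=frozenset()):
    """Client retry loop: offer the best version, retry lower on failure.

    `client_min` is the lowest version the client will accept; setting it
    to "TLSv1.0" corresponds to disabling SSL 3.0 in the browser.
    """
    for offered in reversed(VERSIONS):
        if RANK[offered] < RANK[client_min]:
            break  # never offer anything below the client's floor
        agreed = handshake(offered, server_versions, disrupted)
        if agreed is not None and RANK[agreed] >= RANK[client_min]:
            return agreed
    return None  # fail closed: no acceptable version could be negotiated


# Constructed sample servers for the scenarios in the article.
MODERN_SITE = {"SSLv3", "TLSv1.0", "TLSv1.1", "TLSv1.2"}
LEGACY_SITE = {"SSLv3"}
ALL_TLS_DISRUPTED = frozenset({"TLSv1.0", "TLSv1.1", "TLSv1.2"})

if __name__ == "__main__":
    print("normal:          ", connect(MODERN_SITE))
    print("downgraded:      ", connect(MODERN_SITE, disrupted=ALL_TLS_DISRUPTED))
    print("SSLv3 disabled:  ", connect(MODERN_SITE, "TLSv1.0", ALL_TLS_DISRUPTED))
    print("legacy, disabled:", connect(LEGACY_SITE, "TLSv1.0"))
```

The last two cases return `None`: with SSL 3.0 disabled the client refuses the downgrade, and the same setting is what breaks sites that only speak SSLv3.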
Full details of the Poodle attack can be found in this paper (PDF warning).