Another day, another SSL attack. A new, low-cost attack has been found, that decrypts sensitive communications in a matter of hours and in some cases almost immediately. I hereby name you DROWN! And CVE-2016-0800.
The attack works against TLS-protected communications that rely on the RSA cryptosystem when the key is exposed even indirectly through SSLv2, a TLS precursor that was retired almost two decades ago because of crippling weaknesses. The vulnerability allows an attacker to decrypt an intercepted TLS connection by repeatedly using SSLv2 to make connections to a server.
The fact is though, that many of the listed SSL-based attacks over the last 2 years ( and yes there have been quite a few ), are not inherently serious, or do not have a large attack surface. Many require a particular ( and unusual ) set of circumstances and dependencies that make their effectiveness, well less effective.
And DROWN is not dissimilar. I requires SSLv2 to be enabled on the web server. For those in the know, and any sysadmin worth their salt, anything below TLSv1 ( at the very least ) should have been switched off on your web servers, years ago already. Known issues with these lesser versions of encryption have absolutely mandated their non-use. But unfortunately, the ease with which a web server can be put online is not directly comparable to the technical skill of those putting these servers online. So you can bet there are probably some misconfigured servers out there.
But the attack surface for DROWN should be relatively small and those who are effected, will probably ( and hopefully ) not be providing anything of value on their sites.
There’s a lesson to be learnt here though: just because something may seem simple to do on the surface, does not mean it is in reality. There’s no replacement for skill and experience.
