The Drown attack decrypts TLS sessions on servers supporting SSL v2 and using RSA key exchange. Drown is different from other attacks against TLS in that it doesn’t need servers to be using the older version; the attack will succeed as long as the targeted system supports SSL v2. The cross-protocol attack (CVE-2016-0800) could lead to decryption of any encrypted session using SSL/TLS protocols as long as the server supports SSL v2 and uses RSA key exchange, the researchers said in their technical paper.
By making repeated SSL v2 connection requests, researchers uncovered bits of information about the server’s private RSA key. After enough requests, researchers were able to obtain the private key to decode the TLS sessions. The attack scope widens if the organization reuses that private RSA key across servers, even if different certificates are used.
The attack is made worse by two additional implementation vulnerabilities in OpenSSL, prompting the project team to release versions 1.0.2g and 1.0.1s to address the issues.
Read more at InfoWorld
