Raccoon Attack - SSL and TLS vulnerability

A team of researchers have recently discovered a vulnerability with all versions of the SSL and TLS 1.2 and prior protocols with the exception of TLS 1.3. This vulnerability is called Raccoon Attack and researchers have provided a paper on their analysis and their conclusions for the broader lessons on cryptographic protocols.

Raccoon Attack exploits a timing vulnerability in the impacted TLS and SSL protocols that could allow an attacker to break the encryption and read sensitive client/server communications such as passwords and credit card numbers. Since a server’s private key is not vulnerable to Raccoon, TLS certificates do not need to be reissued.

The root cause is that TLS/SSL standards allow non-constant-time processing of the Diffie-Helman (DH) secret. Precise timing measurements may enable an attacker to construct a message from a TLS server. 

Hackers may try to leverage these vulnerabilities in combination with other methods to sharpen their attacks. Thus, it is recommended to patch these vulnerabilities at the earliest. 

Raccoon attack aims at recovering several bytes of information by using a well-established method for exchanging keys in TLS connections. This method is known as the Diffie-Hellman (DH) key exchange. By using Diffie-Hellman, hackers are able to create a set of equations and with the use of a solver for the Hidden Number Problem (HNP), calculate the original premaster secret between the client and the server.

Click on below link to read more:

• Here on the Raccoon attack and the recommendations from the researchers.
• Here for windows patches which cover both Windows Clients and Servers

For more information on the topic and our Cyber Security Solutions & Services, please contact us by mail security@birger.technology.

BIRGER.