Dear TLS list,

FYI, ICYMI,

Berndt et al. describe a subverted implementation attack against TLS
https://eprint.iacr.org/2020/1452
I just noticed this report today and don't remember seeing it mentioned on the 
TLS list already.  It seems to be worth at least considering.

A summary and brief discussion:

The subverted TLS implementation (IIUC) uses server randoms (nonce) to quickly 
exfiltrate the server's signing key - so it could be characterized as proof of 
concept instance of a well-known idea, kleptography, (but please correct this 
summary if necessary, since it is only based on a skimming of the report).

Granted: it is difficult (impossible?) to thwart all subverted implementation 
attacks. But this attack is easier than others in that category, so might be 
notable.

This general issue with public random nonces has been discussed on TLS, for 
example:
https://mailarchive.ietf.org/arch/msg/tls/56N_-KDN0LuWyEvAhmFnm7g8p6A/
This past discussion led to a recommendation to use different RNGs for the 
public random versus the DH secrets, but I don't see how that would be enough 
to stop this attack.

In reviewing the TLS archive (from the thread above), I see that the general 
difficulty of thwarting subverted implementations has also already been raised. 
Basically, this argues that the best solution is to prevent subversion of 
implementations in the first place, and that making the protocol robust against 
subverted implementations is hopeless and wasteful. Maybe that's right.  (Maybe 
part of this anti-subversion defense would be separating the server keys, e.g. 
in a separate signing module, from the rest of the implementation?  Maybe some 
TLS servers already do this.)

>From the abstract of the attack report:
"... We show that these protocols can be easily subverted by carefully placing 
ASAs. Our analysis shows that careful design of ASAs makes detection unlikely 
while leaking long-term secrets within a few messages in the case of TLS ..., 
allowing impersonation attacks. ..."

The attack report also says that forward secrecy makes an implementation 
inherently more vulnerable to this attack.  I didn't look at the details, but I 
suspect that this is because ephemeral public keys can also be filtered by 
hashing, e.g. a Simmons subliminal channel,  - but this is presumably more 
costly, and more detectable?

The attack report has a section on Countermeasures and Design Lessons, the most 
general countermeasure is to re-design the protocol not to send freely random 
nonces, which I agree with, since it is so simple.  They also suggest requiring 
time-stamps to prevent replay attacks, (in case re-used ephemeral keys).

Best regards,
​​​​​
Dan Brown

----------------------------------------------------------------------
This transmission (including any attachments) may contain confidential 
information, privileged material (including material protected by the 
solicitor-client or other applicable privileges), or constitute non-public 
information. Any use of this information by anyone other than the intended 
recipient is prohibited. If you have received this transmission in error, 
please immediately reply to the sender and delete this information from your 
system. Use, dissemination, distribution, or reproduction of this transmission 
by unintended recipients is not authorized and may be unlawful.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Reply via email to