english only
School of Computer and Communication Sciences
LASEC - Security and Cryptography Laboratory
EPFL > IC > LASEC > publications
Banner IC
INDEX
Home
People
Research
Teaching
Publications
Softwares & Events
Intranet
How to reach us

CONTACT

EPFL - I&C - ISC - LASEC
Station 14 - Building INF
CH-1015 Lausanne
Switzerland

Tel. +41 21 693 7603
Fax. +41 21 693 7689

Ref: CHVV03


Password Interception in a SSL/TLS Channel
Brice Canvel, Alain Hiltgen, Serge Vaudenay, Martin Vuagnoux

Published:
Advances in Cryptology -- CRYPT'03, Lecture Notes in Computer Science, No.2729, pp. 583-599, Springer-Verlag, 2003.

Abstract:
Simple password authentication is often used e.g. from an email software application to a remote IMAP server. This is frequently done in a protected peer-to-peer tunnel, e.g. by SSL/TLS.

At Eurocrypt'02, Vaudenay presented vulnerabilities in padding schemes used for block ciphers in CBC mode. He used a side channel, namely error information in the padding verification. This attack was not possible against SSL/TLS due both to the unavailability of the side channel (errors are encrypted) and premature abortion of the session in case of errors. In this paper we extend the attack and optimize it. We show it is actually applicable against the latest and most popular implementations of SSL/TLS (at the time this paper was written) for password interception.

We demonstrate that a password for an IMAP account can be intercepted when the attacker is not too far from the server in less than an hour in a typical setting.

We conclude that these versions of the SSL/TLS implementations are not secure when used with block ciphers in CBC mode and propose ways to strengthen them. We also propose to update the standard protocol.


Download   [HTTP]

© 2011, EPFL