Wednesday, September 24, 2014

What the security issue was all about

Mozilla has released 32.0.3 and the official advisory, so now we can talk about it. What got fixed in 31.1.1 is a flaw in verifying signatures of RSA certificates, most importantly such as those used to confirm the identity of secure sites. By exploiting this bug the proof of concept caused Firefox to accept a forged certificate, which facilitates information stealing and man-in-the-middle attacks. The forgery is an interesting variant of a well-understood older attack vector called the Bleichenbacher attack, named after the crytographer who discovered it, or more colourfully the "million message attack," itself a specific form of an adaptive chosen-ciphertext attack. Through a combination of flaws, a clever attacker could synthesize a completely bogus "valid" certificate in a relatively small amount of computing time and use it to impersonate victim servers to steal credentials and data.

The general type of flaw suggests other crypto libraries may be vulnerable to this specific problem or a related form of it. That said, this problem has existed in Mozilla code since at least 2006; earlier versions don't use the same ASN.1 parsing code, but almost certainly have other problems related to certificate verification. You are strongly advised to update, because the relative ease with which a certificate can be forged will put yourself at much greater risk in the near future if you don't (24.7.0 is vulnerable, as is every prior version of TenFourFox).

No comments:

Post a Comment

Due to an increased frequency of spam, comments are now subject to moderation.