ssl那点事儿


刚才在光mail的时候看见qt的maillinglist提到他们要修改默认的ssl编译配置,本来没怎么当回事的….但是仔细读了度之后貌似还真说了件事的感脚….

目前只是粗略的看懂了问题,不过怎么产生的还是完全不懂,先把说明放在这,备忘个

A security vulnerability has been discovered in the SSL/TLS protocol, which affects connections using compression. All versions of TLS are believed to be affected. To address this, Qt will disable TLS compression by default.

  • How does the attack work?

If the attacker can insert data into the SSL connection, then by looking at the length of the compressed data it is possible to determine if the inserted data matches secret data or not.

For example, if you are sending a https request to a server using basic authentication then your http header contains data similar to: “Authorization: dXNlcjpwYXNzd29yZA==” If the attacker can insert data in the body of the request, e.g. “Authorization: d”

Then the compressed size will be smaller if they guessed the first character of the authentication token correctly. With repeated requests it would be possible to guess the whole string in linear time.

Any data in the headers could be guessed in this way, but authorization tokens and login cookies are the most likely targets.

除去下面的关于Qt程序的解决方案的部分,原文公告的问题描述部分就这么多.

如果原文没怎么看懂的话可以继续阅读下面我的分析部分(中文的.嗯)

问题出在ssl/tsl的协议部分,一旦使用了压缩的加密传输方式,所有的tsl版本都会受到影响

不过这个攻击的实现真的是非常简单.就像例子里面说的那样:

假设有一断想服务端发起的http请求,携带了简单加密数据在头域:

“Authorization: dXNlcjpwYXNzd29yZA=="

而攻击者能够在这个请求的正文部分插入一段数据:

“Authorization: d”

这样的话,最后压缩过的数据大小会变小,这样就使得攻击者能够一个字节一个字节的猜测/验证,直到获取完整而又完全正确的头数据.

不断的重复猜测->;正确后增加字符继续的话,任何人都可以在先行时间内得到验证数据

而且,任何在头域字段的信息都能够像这样被推测出来….

不得不说.这种漏洞真的是不知道该如何吐槽啊…….

至于其漏洞原理…这还得我进一步的搜索学习啦….

comments powered by Disqus