Researchers Claim Discovery of SSL Encryption Vulnerability

Attacks based on an implementation flaw of the Secure Sockets Layer (SSL) cryptographic protocol will be demonstrated on Friday by two security researchers.

Thai Duong and Juliano Rizzo plan to demonstrate their proof-of-concept code, BEAST (Browser Exploit Against SSL/TLS), at this week's Ekoparty security conference in Argentina. The attack can lead to a hijacker taking control of a user's session on a specific Web site.

"We present a new fast block-wise chosen-plaintext attack against SSL/TLS," wrote Rizzo, in an announcement of the pair's upcoming demonstration. "We also describe one application of the attack that allows an adversary to efficiently decrypt and obtain authentication tokens and cookies from HTTPS requests. Our exploit abuses a vulnerability present in the SSL/TLS implementation of major Web browsers at the time of writing."

Rizzo said that if this vulnerability is perfected, an attacker could have the unwanted code installed and executed on an unsuspecting user's system in as little as 10 minutes.

What makes this vulnerability unique is that it allows an attacker to bypass Web certificates to initiate phishing, man-in-the-middle attacks or spoofed Web content -- something that was widely thought to be impossible.

"It is worth noting that the vulnerability that BEAST exploits has been presented since the very first version of SSL," said Duong, in an interview with security Web site ThreatPost. "Most people in the crypto and security community have concluded that it is non-exploitable, that's why it has been largely ignored for many years."

While newer versions (1.1 and 1.2) of Transport Layer Security (TLS) are not vulnerable to this exploit, most Web browsers, including Chrome and Firefox, still only support the older, vulnerable version 1.0.

For the team of Rizzo and Duong, this isn't their first high-profile security discovery -- the two were responsible for discovering a bug in the default encryption mechanism used to protect the cookies in ASP.NET last year, which led to an out-of-band patch.


About the Author

Chris Paoli is the site producer for and


Reader Comments:

Wed, Sep 21, 2011

With IE you might also want to verify that the option 'Launching files and programs in an IFRAME' is at least set to the 'recommended' level of PROMPT. You find this under Internet Options > Security > Internet (or whatever zone) > Custom Level. This should help a bit in cases where the 'BEAST' JS code might get launched from rendering an IFRAME.

Wed, Sep 21, 2011

I just checked my IE 9 settings. Use TLS 1.2 and Use SSL 3.0 are the only ones checked. I guess IE 9 is not considered to be in the set of "most Web browsers".

Wed, Sep 21, 2011 Dan Iowa

I have reliable information from a source who will only identify himself to me as Anonymous. He says he knows some experts in the field, (also unnamed), that can confirm that this as yet undemonstrated exploit is something we should worry about. I for one am worked up about...

Wed, Sep 21, 2011

Hmmm this appears to require malicious Javascript code to be injected into the user's browser, and so the exploit apparently is limited to systems/instances which may have already been compromised by some other means. If both the host and client systems have not been compromised, then this essentially may be a non-issue? Am I correct?
