Enter Your Details to Register

Please enter your official e-mail ID. Kindly do not use a personal ID like GMail, Yahoo etc.,
Please do not enter +91 or 0.
Image CAPTCHA
Enter the characters (without spaces) shown in the image.

Enter Your Log-in Details

Six Security Vulnerabilities Addressed in OpenSSL

Added 9th Jan 2012

 Versions 1.0.0f and 0.9.8s of the popular OpenSSL library, released this week, address six security flaws, including one that allows DTLS (Datagram Transport Layer Security) communications to be decrypted.

The "padding oracle attack," which can recover plaintext information encrypted with DTLS, was devised by Nadhem Alfardan and Kenny Paterson of the Information Security Group at Royal Holloway, University of London (RHUL), who plan to present it at the 19th Annual Network & Distributed System Security (NDSS) Symposium in February.

The Alfardan-Paterson DTLS attack builds on previous RHUL research into CBC-based encryption weaknesses. When the CBC (Cipher-block chaining) mode of operation is used, each block of plaintext is XORed with the ciphertext of the previous block, making them dependable on each other.

Alfardan and Paterson discovered a way of recovering plaintext without knowing the initial encryption key (initialization vector) by analyzing timing differences that arise during the decryption process. The vulnerability facilitating this attack was addressed in OpenSSL versions 1.0.0f and 0.9.8s, which were released on Wednesday.

Another vulnerability addressed by these updates could result in a potential leak of non-ecrypted information when SSL 3.0 is used. The severity of the issue is limited by the special conditions required for successful exploitation and the small number of potentially exposed bytes.

One flaw that only affects the 0.9.8 OpenSSL branch stems from a policy check failure when the X509_V_FLAG_POLICY_CHECK flag is set. Its discovery is credited to core OpenSSL team member Ben Laurie and was fixed in version 0.9.8s.

Three denial-of-service conditions have also been addressed in the new releases. They were the result of an assertion failure triggered by malformed RFC 3779 data being included in certificates, a bug in the support for handshake restarts for server gated cryptography (SGC) and the lack of error checking when GOST parameters are set by TLS clients.

Users are advised to upgrade to the newly released OpenSSL versions for their corresponding platform or wait for the operating system vendors who integrate the library by default to issue updates through their regular channels.