Do you think that your online bank transactions are safe?Well, how do you say so?We normally say these data are safe by seeing a padlock(secure) icon on the browser near the URL.The padlock symbol represents https.Https is secure than HTTP by a single difference that it is encrypted.Do you think if your data is encrypted, will it be safe?
I too thought that the https is secure until these SSL vulnerabilities were discovered.These include POODLE and heartbleed vulnerability.Secure sockets layer protocol was developed to secure online data.The main requirement for SSL protocol is the SSL certificate.
HOW SSL WORKS?
- The browser sends an https request to the web server.
- the web server sends a copy of its SSL certificate to the browser.
- The browser checks the validity(key length, expiry, trusted CA etc) of the SSL certificate.
- If it is valid, the browser generates a session key(encrypted with a public key) and sends it to the server.
- Once receiving the session key, the server decrypts it using its private key and sends an acknowledgment to the browser.
- Thus an encrypted session is established
POODLE(padding oracle on downgraded legacy encryption)
This is vulnerability is common to SSL version3.The main trend of exploiting is the man-in-the-middle attacks.
In SSL, the data is divided into small chunks and is encrypted.Each part of the data is encrypted using the size of the previous part.
Depending on the hashing algorithm(SHA, MD5 etc) there is a fixed length of the data.If the part of the data does not match the length, then it is padded.The last part of the data contains the number of padding bits.This is the flaw which can be utilized.
As a man-in-the-middle, the attacker tampers a part of the data.This affects the next encryption since each encryption depends also on the previous data.
The main recommendation is to disable SSL
Upgrade to latest version of TLS