Attacks on TLS vulnerabilities: Heartbleed and beyond
Over the past few years, we’ve seen a variety of TLS vulnerabilities steadily surface. In general, we brand each one as “just another TLS vulnerability,” but the intricacies of each are rather distinct, though not horribly convoluted. Let’s walk through a few together. 2014: Heartbleed and POODLEHeartbleed affects the OpenSSL library’s implementation of a TLS extension—the TLS heartbeat. A TLS heartbeat works as follows: The client (or server) sends some amount of data in a heartbeat request to its peer to verify the peer’s presence or keep the connection alive. The peer then echoes the data back to the sender to verify that the peer is reachable and alive. If you want the nitty-gritty details of the heartbeat extension, feel free to read the IETF’s description. Exploitation of Heartbleed, a faulty heartbeat implementation, can allow an attacker to read up to 64 KB of memory at a time from a peer running a vulnerable version of OpenSSL. Here’s how:
Posted in Software Architecture & Design