Watch Out For Those Pesky Cyber Raccoons …
What I love about cybersecurity is that it is ever-changing, and every day brings a new threat to analyse. For me, it is a chance to twiddle bits and try out some code. The latest one defines the Raccoon Attack [here]:
And it’s those pesky time attacks that can be exploited in TLS. While it’s difficult to exploit, it does show another weakness of TLS. Overall it exploits the Diffie-Hellman (DH) key exchange and where Bob sends g^a (mod N), and Alice sends g^b (mod N), and then the shared key is g^{ab} (mod N). This shared key is known as the premaster key, and which is then used to generate each of the sessions keys using a key derivation function.
In the attack, the researchers define that preceding zeros in the premaster key are stripped off, it is possible to observe the length of the key being used. For this Eve could listen to Alice sending g^a (mod N) to Bob, and then replays that back to Bob, and observes if there are preceding zeros, or not. Next Eve sends:
g^{r_i} g^a
and which gives a preshared key of g^{ri*b}*g^{ab}. Eve then keeps trying until there is a premaster secret starting with zero. This results in a possible…
