The internet standard, TLS (Transport Layer Security), secure the communication between the servers and clients over the internet, and designed to be application layer independent, allowing many diverse communication protocols.

While ALPACA is an application layer protocol content confusion attack, which exploits TLS servers with different protocols that uses compatible certificates, like wildcard certificates. And attackers can also redirect traffic from one subdomain to the other, resulting a valid TLS session.

According to a group of researchers from Ruhr University Bochum, Münster University and Paderborn University, the attack breaks the authentication of TLS making cross-protocol attacks possible where the behavior of a protocol service could compromise the other at the application layer.

How ALPACA Attack takes advantage of TLS Flaw for Cross-Protocol Attacks?



The general TLS flaw behind ALPACA is found within the server authentication, which potentially affects all TLS servers that have compatible certificates with other TLS services, therefore making all the servers vulnerable.



There are three possible ways an attacker can use cross-protocol attacks against webservers and Email servers exploiting vulnerable FTP, namely: the Upload Attack, the Download Attack and the Reflection Attack, whereby the attacker executes a reflected XSS in context of the victim site.

But the success of the ALPACA attack depends on many preconditions which need to be fulfilled, like the generic attack requires a MitM attacker to intercept and divert the victim's traffic at the TCP/IP layer. And the potential consequences of ALPACA attack are dependent on the interactions of two unknown protocols, with a number of undesirable behaviors possible.

How Can Admins mitigate these TLS attacks?



There are two extensions that can provide some protection to the application layer protocol in TLS, namely: SNI and ALPN. While SNI is the client that allow the server to know about the hostname it needs to connect to, and also useful in virtual hosting configurations. And the SNI standard allows the server to terminate the connection when the hostname doesn't match that of the server, which could prevent ALPACA attacks in practice. However, this strict behavior is rarely implemented, even among the best web servers.

But the good news is that many vendors have updated their servers to remove exploitation vectors and adding countermeasures in the application layer and/or TLS implementation. With the TLS library maintainers haven reviewed the ALPN and SNI implementations and updated their code and documentation to allow implementation of countermeasures by developers.

ALPACA Attack: TLS Flaw exposes Secure Sites to Cross-Protocol Attacks

The internet standard, TLS (Transport Layer Security), secure the communication between the servers and clients over the internet, and designed to be application layer independent, allowing many diverse communication protocols.

While ALPACA is an application layer protocol content confusion attack, which exploits TLS servers with different protocols that uses compatible certificates, like wildcard certificates. And attackers can also redirect traffic from one subdomain to the other, resulting a valid TLS session.

According to a group of researchers from Ruhr University Bochum, Münster University and Paderborn University, the attack breaks the authentication of TLS making cross-protocol attacks possible where the behavior of a protocol service could compromise the other at the application layer.

How ALPACA Attack takes advantage of TLS Flaw for Cross-Protocol Attacks?



The general TLS flaw behind ALPACA is found within the server authentication, which potentially affects all TLS servers that have compatible certificates with other TLS services, therefore making all the servers vulnerable.



There are three possible ways an attacker can use cross-protocol attacks against webservers and Email servers exploiting vulnerable FTP, namely: the Upload Attack, the Download Attack and the Reflection Attack, whereby the attacker executes a reflected XSS in context of the victim site.

But the success of the ALPACA attack depends on many preconditions which need to be fulfilled, like the generic attack requires a MitM attacker to intercept and divert the victim's traffic at the TCP/IP layer. And the potential consequences of ALPACA attack are dependent on the interactions of two unknown protocols, with a number of undesirable behaviors possible.

How Can Admins mitigate these TLS attacks?



There are two extensions that can provide some protection to the application layer protocol in TLS, namely: SNI and ALPN. While SNI is the client that allow the server to know about the hostname it needs to connect to, and also useful in virtual hosting configurations. And the SNI standard allows the server to terminate the connection when the hostname doesn't match that of the server, which could prevent ALPACA attacks in practice. However, this strict behavior is rarely implemented, even among the best web servers.

But the good news is that many vendors have updated their servers to remove exploitation vectors and adding countermeasures in the application layer and/or TLS implementation. With the TLS library maintainers haven reviewed the ALPN and SNI implementations and updated their code and documentation to allow implementation of countermeasures by developers.

No comments