A team of academics has disclosed today a theoretical attack on the TLS cryptographic protocol that can be used to decrypt the HTTPS connection between users and servers and read sensitive communications.
Named Raccoon, the attack has been described as “really hard to exploit” and its underlying conditions as “rare.”
The Raccoon attack is, at its base, a timing attack, where a malicious third-party measures the time needed to perform known cryptographic operations in order to determine parts of the algorithm.
The target is the Diffie-Hellman key exchange process, with the aim being to recover several bytes of information.
“In the end, this helps the attacker to construct a set of equations and use a solver for the Hidden Number Problem (HNP) to compute the original premaster secret established between the client and the server,” .
All servers that use the Diffie-Hellman key exchange in setting up TLS connections are vulnerable to attacks.
This is a server-side attack and cannot be performed on a client, such as browsers. The attack also needs to be executed for each client-server connection in part, and cannot be used to recover the server’s private key and decrypt all connections at once.
Servers that use the Diffie-Hellman key exchange and TLS 1.2 and below are considered vulnerable. DTLS is also impacted.
TLS 1.3 is considered safe.
“The vulnerability is really hard to exploit and relies on very precise timing measurements and on a specific server configuration to be exploitable,”.
“(The attacker) needs to be close to the target server to perform high precision timing measurements. He needs the victim connection to use DH(E) and the server to reuse ephemeral keys. And finally, the attacker needs to observe the original connection.
Attacker would need to do to break modern cryptographic primitives like AES, the attack does not look complex anymore.
“But still, a real-world attacker will probably use other attack vectors that are simpler and more reliable than this attack,”
While the attack has been deemed hard to exploit, some vendors have done their due diligence and released patches. Microsoft (CVE-2020-1596), Mozilla, OpenSSL (CVE-2020-1968), and F5 Networks (CVE-2020-5929) have released security updates to block Raccoon attacks.