[055] Solutions to the POODLE vulnerability exposed by SSL 3.0 ----- developer

Source: Internet
Author: User
Tags: asymmetric encryption

High-risk vulnerabilities exposed by SSL 3.0

On October 15, 2014 (October 14 in the US), Google researchers disclosed a serious vulnerability in the SSL 3.0 protocol that lets an attacker on the network path recover parts of the encrypted traffic exchanged between browsers and servers, such as the session cookies that protect online banking accounts, email accounts and other private data. Two weaknesses combine. First, a downgrade: even when both browser and server support TLS, an attacker who interferes with the handshake can make the browser believe that the server does not support the newer Transport Layer Security (TLS) versions, so the browser retries the connection with SSL 3.0. Second, once the connection runs over SSL 3.0 with a CBC cipher suite, the attacker can act as a man in the middle and, by modifying ciphertext and observing which records the server rejects, decrypt the HTTPS cookies one byte at a time (about 256 requests per byte). Google named the attack POODLE (Padding Oracle On Downgraded Legacy Encryption). The data is still encrypted on the wire, but the encryption no longer protects it against this attacker.

The author only became aware of the SSL 3.0 vulnerability when the public platform issued the notice "The public platform is adjusting its SSL security policy, please upgrade". Its main content: "A high-risk vulnerability has recently been exposed in the SSL encryption protocol used by HTTPS, which may allow hackers to eavesdrop on data transmitted over the network and threatens the security of user information, network accounts and passwords. To ensure the security of user information and communication, the public platform will disable SSLv2 and SSLv3 support and will no longer support client calls that use SSLv2, SSLv3 or lower versions. Developers who are still using these versions should upgrade as soon as possible, before November 30."


Knowledge popularization 1: Key Points of SSL protocol

SSL (Secure Sockets Layer) is a secure communication protocol for Web applications, first proposed by Netscape. SSL sits between TCP and the application-layer protocol: it encrypts the data of application-layer protocols such as HTTP and FTP and then carries it to the destination over the reliable TCP transport. The most typical application is HTTPS.

SSL provides three basic security services:

1) Identity legitimacy (authentication): the sender and receiver can confirm each other's identity (in HTTPS usually only the server is authenticated, through its certificate), so that neither side can be impersonated.

2) Data confidentiality: all transmitted data is encrypted, so that an eavesdropper who intercepts it cannot read it.

3) Data integrity: the receiver can verify that the data received is exactly what the sender sent and has not been tampered with in transit.

Data encryption algorithms used by the SSL protocol:

1) Asymmetric encryption algorithms: different keys are used for encryption and decryption, for example the RSA public-key algorithm. The advantage is that the private key never has to be shared, so the security level is high; the disadvantage is that encryption and decryption are slow, so they are only suitable for small amounts of data. SSL uses asymmetric algorithms for digital signatures, to verify the identity of the sender (or receiver), and for key exchange, that is, to agree the keys of the symmetric algorithm used for data encryption and of the MAC algorithm used for integrity checking.

2) Symmetric encryption algorithms: the same key is used for encryption and decryption, for example DES, 3DES and RC4 (DES and RC4 are now considered broken and 3DES is deprecated; AES is the modern choice). The advantage is speed, which makes them suitable for large volumes of data; the weakness is that both parties must first share the key securely, which is why SSL uses the asymmetric algorithm to establish it. SSL uses the symmetric algorithm to encrypt the transmitted data.

3) MAC algorithm: Message Authentication Code. A MAC is a keyed hash: it takes a hash function such as MD5 or SHA-1 and adds a secret key, so that only someone holding the key can produce or verify the code (TLS uses the HMAC construction). SSL uses the MAC to verify message integrity. In SSL 3.0 and TLS the MAC is computed over the plaintext and appended to it, and the result is padded and encrypted (MAC-then-encrypt); this record layout is exactly what POODLE abuses.
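The following is an added example, not code from the original post. It simulates in Java the SSL 3.0 record described in this section (data, then MAC, then CBC padding) and the padding-oracle attack from the opening paragraph. It assumes AES-CBC as the block cipher and HMAC-SHA1 as the MAC, uses a fresh random IV per record instead of SSL 3.0's chained IV, and uses a constructed secret string in place of the cookie; the class and method names are invented for the example. The server check follows the SSL 3.0 rule that makes the attack possible: only the padding-length byte is examined, the padding bytes themselves are never inspected. The attacker moves the ciphertext block that holds the target byte into the padding position; the server accepts the forged record only when the decrypted last byte equals 15, which happens once in about 256 tries and then reveals the byte.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/** Added example: SSL 3.0 CBC padding weakness (POODLE), simulated with AES-CBC and HMAC-SHA1. */
public class PoodleDemo {
    static final int BLOCK = 16;                       // AES block size
    static final int MAC_LEN = 20;                     // HMAC-SHA1 output size
    static final SecureRandom RNG = new SecureRandom();
    static final SecretKeySpec ENC_KEY = new SecretKeySpec(randomBytes(16), "AES");
    static final SecretKeySpec MAC_KEY = new SecretKeySpec(randomBytes(20), "HmacSHA1");
    // Constructed secret standing in for the HTTPS cookie; the attacker code never reads it directly.
    static final byte[] SECRET = "SESSION=7f3a9c".getBytes(StandardCharsets.US_ASCII);

    static byte[] randomBytes(int n) { byte[] b = new byte[n]; RNG.nextBytes(b); return b; }

    static byte[] hmac(byte[] data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA1"); mac.init(MAC_KEY); return mac.doFinal(data);
    }

    /** Client: record = IV || CBC( data || MAC(data) || pad bytes || padLen ). SSL 3.0 leaves the pad bytes unspecified. */
    static byte[] encryptRecord(byte[] data) throws Exception {
        byte[] mac = hmac(data);
        int padLen = BLOCK - 1 - (data.length + mac.length) % BLOCK;   // SSL 3.0: padLen is 0..15
        byte[] plain = new byte[data.length + mac.length + padLen + 1];
        System.arraycopy(data, 0, plain, 0, data.length);
        System.arraycopy(mac, 0, plain, data.length, mac.length);
        plain[plain.length - 1] = (byte) padLen;                       // pad bytes stay zero
        byte[] iv = randomBytes(BLOCK);                                // simplification: random IV per record
        Cipher c = Cipher.getInstance("AES/CBC/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, ENC_KEY, new IvParameterSpec(iv));
        byte[] ct = c.doFinal(plain);
        byte[] record = new byte[BLOCK + ct.length];
        System.arraycopy(iv, 0, record, 0, BLOCK);
        System.arraycopy(ct, 0, record, BLOCK, ct.length);
        return record;
    }

    /** Server: SSL 3.0 checks only the padding-length byte, then the MAC. Returns true if the record is accepted. */
    static boolean serverAccepts(byte[] record) throws Exception {
        Cipher c = Cipher.getInstance("AES/CBC/NoPadding");
        c.init(Cipher.DECRYPT_MODE, ENC_KEY, new IvParameterSpec(Arrays.copyOf(record, BLOCK)));
        byte[] plain = c.doFinal(record, BLOCK, record.length - BLOCK);
        int padLen = plain[plain.length - 1] & 0xff;
        if (padLen >= BLOCK) return false;                             // padding length must be < block size
        int dataLen = plain.length - padLen - 1 - MAC_LEN;
        if (dataLen < 0) return false;
        byte[] data = Arrays.copyOf(plain, dataLen);
        byte[] mac = Arrays.copyOfRange(plain, dataLen, dataLen + MAC_LEN);
        return Arrays.equals(mac, hmac(data));                         // the pad bytes are never inspected
    }

    /** Victim's browser, driven by the attacker: sends prefix || SECRET || suffix with attacker-chosen lengths. */
    static byte[] victimRequest(int prefixLen, int suffixLen) throws Exception {
        byte[] data = new byte[prefixLen + SECRET.length + suffixLen];   // prefix/suffix are attacker filler
        System.arraycopy(SECRET, 0, data, prefixLen, SECRET.length);
        return encryptRecord(data);
    }

    /** Attacker: recover SECRET[k] by copying the block that ends with it over the final (padding) block. */
    static byte recoverByte(int k) throws Exception {
        int prefixLen = Math.floorMod(15 - k, BLOCK);                   // puts SECRET[k] at the end of a block
        int suffixLen = Math.floorMod(-(prefixLen + SECRET.length + MAC_LEN), BLOCK); // makes padding a full block
        int i = (prefixLen + k) / BLOCK;                                // plaintext block holding SECRET[k]
        while (true) {
            byte[] rec = victimRequest(prefixLen, suffixLen);
            int n = rec.length / BLOCK - 1;                             // ciphertext blocks C_0..C_{n-1}; IV is C_{-1}
            byte[] forged = rec.clone();
            System.arraycopy(rec, (i + 1) * BLOCK, forged, n * BLOCK, BLOCK);   // C_{n-1} := C_i
            if (serverAccepts(forged)) {
                // Accepted, so D(C_i)[15] ^ C_{n-2}[15] == 15 and D(C_i)[15] == P_i[15] ^ C_{i-1}[15].
                byte cPrev = rec[i * BLOCK + 15];                       // C_{i-1}[15] (the IV when i == 0)
                byte cBeforeLast = rec[(n - 1) * BLOCK + 15];           // C_{n-2}[15]
                return (byte) (15 ^ cPrev ^ cBeforeLast);
            }
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] recovered = new byte[SECRET.length];
        for (int k = 0; k < SECRET.length; k++) recovered[k] = recoverByte(k);
        System.out.println("recovered: " + new String(recovered, StandardCharsets.US_ASCII));
        System.out.println("matches secret: " + Arrays.equals(recovered, SECRET));
    }
}
```

Compile and run with `javac PoodleDemo.java && java PoodleDemo`; the whole 14-byte secret comes back after a few thousand forged records. The TLS 1.0 padding rule (every pad byte must equal the padding length) defeats this particular substitution, which is why the fix on the page is to stop speaking SSL 3.0 rather than to patch it.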


Knowledge popularization 2: SSL protocol version

Currently, the SSL protocol is mainly available in five versions: SSLv2, SSLv3, TLSv1.0, TLSv1.1 and TLSv1.2. Transport Layer Security (TLS) is the upgraded version of the SSL protocol.
After the POODLE vulnerability in SSL 3.0 was exposed, the public platform will drop support for SSLv2 and SSLv3, and browsers and other platforms that use SSL will gradually drop them too; at the time of writing only TLSv1.0, TLSv1.1 and TLSv1.2 are recommended. (TLSv1.3 has since been standardized in RFC 8446, and TLSv1.0 and TLSv1.1 have themselves been deprecated by RFC 8996, so a current deployment should enable TLSv1.2 and TLSv1.3 only.)


How can I view the SSL protocol used?

In Java development, set the system property "javax.net.debug" to "ssl,handshake" before the SSL server or client code runs, and the JSSE implementation prints the SSL communication log to the console. The code for enabling the SSL communication log is as follows:

System.setProperty("javax.net.debug", "ssl,handshake");
The following is part of the SSL communication log produced when the author tested calling the public platform interface to obtain an access_token. The log shows that the client sends its ClientHello in the SSLv2-compatible format (the "SSLv2Hello" pseudo-protocol that older JDKs enable by default for compatibility) while advertising TLSv1, and that TLSv1 is then used for the handshake, key exchange and data encryption:

*** ClientHello, TLSv1
...
main, WRITE: TLSv1 Handshake, length = 75
main, WRITE: SSLv2 client hello message, length = 101
main, READ: TLSv1 Handshake, length = 81
*** ServerHello, TLSv1
...
main, READ: TLSv1 Handshake, length = 3747
...
main, WRITE: TLSv1 Change Cipher Spec, length = 1
...
main, WRITE: TLSv1 Handshake, length = 48
main, READ: TLSv1 Change Cipher Spec, length = 1
main, READ: TLSv1 Handshake, length = 48
...
main, WRITE: TLSv1 Application Data, length = 336
main, READ: TLSv1 Application Data, length = 336


How do I set the protocol used by the ssl client?

1. In Java, if SSLSocket or SSLEngine is used to implement the SSL client, use setEnabledProtocols(String[] protocols) to set the protocols the client may use. The sample code snippet is as follows:

SocketFactory sf = SSLSocketFactory.getDefault();
SSLSocket socket = (SSLSocket) sf.createSocket("localhost", 8443);
// set the protocols the client is allowed to offer (must be done before the handshake starts)
String[] protocols = {"TLSv1"};
socket.setEnabledProtocols(protocols);

2. In Java, if HttpsURLConnection is used to implement the SSL client, specify the protocols through the system property "https.protocols" before any HttpsURLConnection code runs (the property is read only by HttpsURLConnection; other HTTP client libraries have their own settings). The code is as follows:

System.setProperty("https.protocols", "TLSv1");

How do I set the protocols supported by the SSL server?

1. In Java, if SSLServerSocket or SSLEngine is used to implement the SSL server, the same setEnabledProtocols(String[] protocols) method sets the protocols the server supports.

2. In Java, if the HTTPS service is provided by Tomcat, specify the protocols the server supports by setting the sslProtocol attribute of the connector in %Tomcat%/conf/server.xml. The sample configuration is as follows:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" />
Settings of the sslProtocol attribute (the value is passed to SSLContext.getInstance, and the JDK then enables its default protocol set for that context):

1) with sslProtocol="TLSv1", the server supports SSLv3 and TLSv1;

2) with sslProtocol="TLSv1.1", the server supports SSLv3, TLSv1 and TLSv1.1;

3) with sslProtocol="TLSv1.2", the server supports SSLv3, TLSv1, TLSv1.1 and TLSv1.2.

These are the JDK 7 defaults. From JDK 8u31 the JDK disables SSLv3 itself through the jdk.tls.disabledAlgorithms security property, but relying on the JDK default is fragile, so the server should state the enabled list explicitly.

If the server must not support SSLv3 and should accept only TLSv1, TLSv1.1 and TLSv1.2, set the separate sslEnabledProtocols attribute, which lists exactly the protocols the connector enables. The sample configuration is as follows:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" />

(In Tomcat 8.5 and later the same setting lives in the protocols attribute of the connector's SSLHostConfig element.) To verify the result from outside, connect with a client that offers only SSLv3, for example openssl s_client -ssl3 -connect host:8443 on an OpenSSL build that still includes SSLv3; the handshake must fail.
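An added example, not from the original post, that exercises both sides at once: an SSLServerSocket that enables only TLSv1.2 (the server-side setEnabledProtocols of item 1) and an SSLSocket client that first offers only TLSv1 and then only TLSv1.2 (the client-side setEnabledProtocols from the previous section). Each side reports getSession().getProtocol(), which is the programmatic counterpart of the javax.net.debug trace shown earlier. Assumptions: a self-signed keystore demo.jks with password changeit created with the keytool command in the class comment; the class name, free-port selection and messages are the example's own. On JDK builds that already disable TLSv1 through jdk.tls.disabledAlgorithms the first connection fails on the client before any handshake, which demonstrates the same policy.

```java
import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

/**
 * Added example: server restricted to TLSv1.2, client tried with TLSv1 and then TLSv1.2.
 * Assumed keystore, created beforehand with:
 *   keytool -genkeypair -keyalg RSA -keysize 2048 -alias demo -dname CN=localhost \
 *           -keystore demo.jks -storepass changeit -keypass changeit
 */
public class ProtocolPolicyDemo {
    // Server-side policy: everything older than TLSv1.2 is refused, which shuts out SSLv3 and POODLE.
    static final String[] SERVER_PROTOCOLS = {"TLSv1.2"};

    public static void main(String[] args) throws Exception {
        // Standard JSSE properties; the self-signed keystore doubles as the client's trust store.
        System.setProperty("javax.net.ssl.keyStore", "demo.jks");
        System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
        System.setProperty("javax.net.ssl.trustStore", "demo.jks");
        System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
        // Uncomment to get the handshake trace shown earlier in the article:
        // System.setProperty("javax.net.debug", "ssl,handshake");

        SSLServerSocketFactory ssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
        try (SSLServerSocket server = (SSLServerSocket) ssf.createServerSocket(0)) { // 0 = any free port
            server.setEnabledProtocols(SERVER_PROTOCOLS);   // same method as on the client side
            int port = server.getLocalPort();
            Thread serverThread = new Thread(() -> serve(server, 2));
            serverThread.start();

            // 1) client offers only TLSv1: the server (or an up-to-date JDK) refuses the handshake
            System.out.println("client offers TLSv1   -> " + connect(port, new String[] {"TLSv1"}));
            // 2) client offers only TLSv1.2: the handshake completes and both sides report it
            System.out.println("client offers TLSv1.2 -> " + connect(port, new String[] {"TLSv1.2"}));
            serverThread.join();
        }
    }

    /** Accepts the given number of connections; a rejected handshake is logged and the loop continues. */
    static void serve(SSLServerSocket server, int connections) {
        for (int i = 0; i < connections; i++) {
            try (SSLSocket s = (SSLSocket) server.accept()) {
                s.startHandshake();   // throws when the client offers no protocol the server enables
                OutputStream out = s.getOutputStream();
                out.write(("server negotiated " + s.getSession().getProtocol() + "\n")
                        .getBytes(StandardCharsets.US_ASCII));
                out.flush();
            } catch (IOException e) {
                System.out.println("server: handshake rejected (" + e.getMessage() + ")");
            }
        }
    }

    /** Connects with exactly the given protocols enabled and returns what both sides negotiated. */
    static String connect(int port, String[] protocols) {
        SSLSocketFactory sf = (SSLSocketFactory) SSLSocketFactory.getDefault();
        try (SSLSocket socket = (SSLSocket) sf.createSocket("localhost", port)) {
            socket.setEnabledProtocols(protocols);   // client-side policy, as in the text above
            socket.startHandshake();
            byte[] buf = new byte[128];
            int n = socket.getInputStream().read(buf);
            String fromServer = n > 0 ? new String(buf, 0, n, StandardCharsets.US_ASCII).trim() : "(no data)";
            return fromServer + "; client sees " + socket.getSession().getProtocol();
        } catch (IOException | IllegalArgumentException e) {
            // SSLHandshakeException extends IOException; a JDK that has disabled the protocol
            // may refuse it locally before contacting the server
            return "handshake failed (" + e.getMessage() + ")";
        }
    }
}
```

Run with `javac ProtocolPolicyDemo.java && java ProtocolPolicyDemo` in the directory holding demo.jks. The first line reports a failed handshake and the second reports TLSv1.2 from both sides; swapping SERVER_PROTOCOLS for {"TLSv1.2", "TLSv1.3"} on a JDK 11 or later gives the modern equivalent of the Tomcat sslEnabledProtocols list.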

If the reader uses another Web server to provide HTTPS, such as Apache, WebLogic or WebSphere, each has similar settings for the SSL protocols the server supports, which I will not detail here. After reading this article, developers should be able to deal with the SSL 3.0 POODLE vulnerability and should also know how to modify their program code after the public platform adjusts its SSL security policy.


If you think the blog articles are helpful to you, please leave a message or follow the public account below to support Liu Feng (No.: liuyq10)!


When reposting, please indicate that this article is from Liu Feng's blog (http://blog.csdn.net/lyq8479); please respect the results of others' hard work, thank you!

