We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
 
74,953 News Articles

Safer Internet encryption via TLS may take years, expert says

The newest protocol was defined in 2008.

Although the Transport Layer Security (TLS) 1.2 protocol, designed to make network connections more secure, was defined in 2008, a security expert at Black Hat Europe this week in Amsterdam said it will be years before Web users can reap its benefits.

TLS was developed in 1999 as an improvement on Secure Socket Layer (SSL) data encryption. Though SSL 3.0 is still used, TLS version 1.0 is supported by most commonly used browsers. However, it was proven vulnerable in 2001 when security researchers demonstrated a working exploit, code named BEAST (Browser Exploit Against SSL/TLS).

TLS developers fixed the flaw in 2006 by updating the protocol to version 1.1. An even safer, 1.2 version, was defined in 2008. The problem is, almost no one uses the 1.1 and 1.2 protocols, said Tom Ritter, security consultant for Isec Partners, during his keynote speech at Black Hat Europe on Wednesday in Amsterdam.

He showed the audience TLS implementation tables to emphasize his point. Almost all important browsers support TLS 1.0, but only Opera and Internet Explorer allow users to switch to TLS 1.1 or 1.2 manually.

It would be better if all browsers implemented the technology, but that will take time, Ritter said. "We are not going to see that for a while, it needs a couple of years for browsers to implement it," he said.Many servers have the ability to support TLS 1.1 and 1.2, but recent research showed that the protocol is hardly ever used in practice. "The numbers differ but they all amount to zero," Ritter said.

The costs of implementing TLS 1.2 are high, which has hindered its implementation, Ritter said. In addition, there are implementations of TLS that don't work correctly, the security consultant explains in a white paper discussing the problems.

Problems include "TLS servers that are intolerant of versions greater than 1.0, compression algorithms, and a relatively high number of servers intolerant to any extensions (7 percent)," he noted.

If a handshake fails, nearly all HTTPS clients will fall back on SSL 3.0, enabling a so-called TLS downgrade attack in which malevolent hackers exploit vulnerabilities in the older protocol to compromise secure data exchange, Ritter said."Until HTTPS clients remove the downgrade behavior this vulnerability will always exist, and the security bene?ts of negotiating TLS 1.1 or 1.2 will not be realized when the threat model includes an active attacker," Ritter said. Until this issue is resolved, connections remain vulnerable for these attacks, which is why "we'll never actually get the security of the protocols until we remove backwards compatibility," he said.

Loek covers all things tech for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to loek_essers@idg.com


IDG UK Sites

LG G Watch release date, price and specs: Hands-on and pictures

IDG UK Sites

Apple financial results: iPhones, iPads & Macs sales for Apple's Q2 2014, plus shares to split

IDG UK Sites

Twitter - not news

IDG UK Sites

See Moo Studios' new animated advert for Blue Moon beer