BREACH: Yoel Gluck, Neal Harris, and Angelo Prado proved that the mitigation used against CRIME attacks is not sufficient and presented a new attack called BREACH (via Adaptive Compression of Hypertext). They found that exchanging data secured with TLS is not always safe from side-channel attacks. The attack targets HTTP responses that still use gzip compression. Because a lot of information, such as CSRF tokens and user input, is also included in the HTTP response, the same method can be applied to it. Several solutions are offered, such as hiding the ciphertext length, separating confidential information from user input, disabling compression at the HTTP level, hiding confidential information, and rate limiting.
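As an added example (not code from the paper), the Python below measures the compressed length of a constructed page that reflects user input next to a CSRF token, which is the length signal BREACH relies on, and shows the hardened form: masking the token with a fresh random value per response (the "hiding confidential information" mitigation) so the plaintext token never appears in the compressed body. The token, page template and guesses are constructed values.

```python
import os
import zlib

# Constructed secret and page template for the demonstration (not from any real site).
CSRF_TOKEN = "a3f9c27e1b84d0c5"
PAGE = ('<html><body><form method="post">'
        '<input type="hidden" name="csrf" value="{token}"></form>'
        '<p>Search results for: {query}</p></body></html>')


def compressed_len(body):
    """Size of the deflate payload a server with HTTP compression would send."""
    return len(zlib.compress(body.encode(), 6))


def render_static(query):
    """Vulnerable pattern: the secret sits verbatim in the same compressed body as reflected input."""
    return PAGE.format(token=CSRF_TOKEN, query=query)


def mask_token(token, mask):
    """Per-response masking: emit mask || (token XOR mask) so the plaintext token never appears."""
    raw = token.encode()
    assert len(mask) == len(raw)
    return mask.hex() + ":" + bytes(a ^ b for a, b in zip(raw, mask)).hex()


def unmask_token(masked):
    """Server-side inverse: recover the token from a submitted masked value."""
    mask_hex, xored_hex = masked.split(":")
    mask, xored = bytes.fromhex(mask_hex), bytes.fromhex(xored_hex)
    return bytes(a ^ b for a, b in zip(xored, mask)).decode()


def render_masked(query, mask=None):
    """Hardened pattern: a fresh random mask per response; `mask` is fixed only for tests."""
    mask = os.urandom(len(CSRF_TOKEN)) if mask is None else mask
    return PAGE.format(token=mask_token(CSRF_TOKEN, mask), query=query)


def length_gap(render, correct_prefix, wrong_prefix):
    """Bytes saved by compression when the reflected input repeats the true token prefix
    (a positive gap means the response length leaks information about the secret)."""
    ctx = 'csrf" value="'
    return (compressed_len(render(ctx + wrong_prefix))
            - compressed_len(render(ctx + correct_prefix)))
```

With the static page the correct prefix compresses measurably shorter; with masking the body changes on every response and carries no copy of the token, so there is nothing for reflected input to match against.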
POODLE (Padding Oracle On Downgraded Legacy Encryption) is an attack disclosed by three researchers from Google: Bodo Möller, Thai Duong, and Krzysztof Kotowicz. They found that if the client and server both supported SSL and TLS, an attacker could force the server to use SSL version 3.0, which still used an algorithm that was no longer considered safe, namely RC4, because it was considered to have biased output that could leak information if confidential data (such as the same key or cookie) was sent many times. The recommended solution to anticipate POODLE attacks is to disable SSL version 3.0 on HTTPS or, if SSL version 3.0 is still needed, to use the TLS_FALLBACK_SCSV mechanism.
FREAK is a type of attack announced on March 3, 2015 by researchers from INRIA in Paris, Microsoft Research, and IMDEA. The attack allows an attacker to intercept HTTPS connections between client and server and force them to use a weak encryption algorithm so that the attacker can steal or manipulate data. The problem originally arose from the policy of the United States government that prohibited the use of strong encryption algorithms outside the United States and limited the key size to 512 bits, which at that time was considered quite strong and secure. The existing encryption system was therefore designed to support both strong and weak cipher suites, the weak ones being known as EXPORT GRADE.
Over time, it was discovered that TLS clients accepted weak RSA keys even though they had not requested them. An attacker can exploit this by modifying the client's request so that it asks for an RSA EXPORT GRADE key and then using that key to obtain the key needed to decrypt the traffic. Based on a search of the ALEXA list, more than 1 million sites allow the use of RSA EXPORT.
LogJam is an attack similar to FREAK, but it is due to a weakness in the TLS protocol itself and focuses on the key exchange mechanism, not RSA. This attack allows an attacker to carry out a man-in-the-middle attack and force the connection to use TLS with an algorithm
The study found that about 8.4% of the top 1 million domains and all web browsers were still vulnerable to this problem at the time the issue was announced. The solution to this problem is to increase the key size to at least 2048 bits, disable the export cipher suites, and upgrade to a version of OpenSSH that uses Elliptic-Curve keys.
DROWN is a cross-protocol attack that can decrypt TLS sessions passively collected from clients by using a server that supports the SSLv2 protocol and uses RSA key exchange. When the attack was discovered, 79% of all HTTPS servers worldwide were still affected by it. The solution is to stop supporting the SSLv2 protocol, which is very out of date.
HEARTBLEED: Heartbleed is a vulnerability discovered in the OpenSSL library in April 2014 that can be used to exploit a server and quickly obtain its secret key. The attack targets one of the extensions of the TLS/DTLS protocol, the heartbeat, whose function is to keep a connection alive without having to send data continuously. The solution to anticipate this attack is to upgrade the OpenSSL library.
Based on the discussion and analysis of the system test results in Chapter IV, the following conclusions can be drawn:
1. There are still many universities that have not used the HTTPS protocol. Of a total of 1505 tertiary institutions that have websites, only 28 of 1505 (1.86%) institutions in Java use the HTTPS protocol. This reflects the fact that many institutional website managers are still not aware of the importance of the HTTPS protocol for securing one of the assets of an educational institution, namely the institution's domain and web pages.
2. All institutions have used key lengths and algorithms for digital signatures that are recommended and safe to use, but many problems were found in the implementation of the HTTPS protocol, both in terms of protocol
on the web server.
3. Of the 28 institutional sites tested, 28.57% still use the SSLv3 protocol and are still vulnerable to POODLE attacks, 32.14% still use the RC4 cipher, 21.42% are still potentially affected by DROWN attacks because they still use the SSLv2 protocol or share the same RSA key, and 14.28% only support the TLS 1.0 protocol and do not yet support the recommended TLS 1.2 protocol. This shows that the level of security awareness of website managers is still lacking.
4. Most educational institutions
latest security. Only around 17.8% have started using HTTP Strict Transport Security (HSTS), but no university has implemented HTTP Public Key Pinning (HPKP). This reflects the low adoption of the latest technology for increased security on college web sites.
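As an added example (not the paper's survey tooling), the Python below applies the checks behind the attacks described earlier and the conclusions above to constructed scan records: SSLv3 for POODLE, RC4 and export suites, DH group size for LogJam, SSLv2 or a shared RSA key for DROWN, missing TLS 1.2, and the HSTS/HPKP headers. Hosts, key fingerprints and cipher names are constructed; the export-suite check keys on OpenSSL's EXP- name prefix, which is a heuristic.

```python
from collections import defaultdict

# Constructed scan records (hypothetical hosts, not the paper's data). Each lists the
# protocol versions and cipher suites the server accepted, an identifier for its RSA
# public key, the DH group size it offered, and the security headers it sent.
SCAN = [
    {"host": "univ-a.example", "protocols": {"SSLv3", "TLSv1.0", "TLSv1.2"},
     "ciphers": {"ECDHE-RSA-AES128-GCM-SHA256", "RC4-SHA"}, "rsa_key": "K1",
     "dh_bits": 2048, "headers": {"Strict-Transport-Security"}},
    {"host": "univ-b.example", "protocols": {"SSLv2", "TLSv1.0"},
     "ciphers": {"EXP-RC4-MD5", "AES128-SHA"}, "rsa_key": "K2",
     "dh_bits": 1024, "headers": set()},
    {"host": "mail.univ-c.example", "protocols": {"TLSv1.0", "TLSv1.1", "TLSv1.2"},
     "ciphers": {"AES256-SHA"}, "rsa_key": "K2",
     "dh_bits": 2048, "headers": {"Strict-Transport-Security"}},
    {"host": "univ-d.example", "protocols": {"TLSv1.2"},
     "ciphers": {"ECDHE-RSA-AES256-GCM-SHA384"}, "rsa_key": "K4",
     "dh_bits": 2048, "headers": {"Strict-Transport-Security", "Public-Key-Pins"}},
]


def classify(records):
    """Return {host: set of findings} using the criteria discussed in the text."""
    # DROWN: a host is exposed if it speaks SSLv2 itself or shares its RSA key with a
    # host that does, since the SSLv2 host then serves as the oracle for its sessions.
    keys_on_sslv2 = {r["rsa_key"] for r in records if "SSLv2" in r["protocols"]}
    out = {}
    for r in records:
        f = set()
        if "SSLv3" in r["protocols"]: f.add("POODLE")
        if any("RC4" in c for c in r["ciphers"]): f.add("RC4")
        if any(c.startswith("EXP") for c in r["ciphers"]): f.add("FREAK/export")
        if r["dh_bits"] < 2048: f.add("LogJam")          # paper's 2048-bit minimum
        if r["rsa_key"] in keys_on_sslv2: f.add("DROWN")
        if "TLSv1.2" not in r["protocols"]: f.add("no TLS 1.2")
        if "Strict-Transport-Security" not in r["headers"]: f.add("no HSTS")
        if "Public-Key-Pins" not in r["headers"]: f.add("no HPKP")
        out[r["host"]] = f
    return out


def summarize(findings):
    """Percentage of scanned hosts carrying each finding, as the paper reports per issue."""
    counts = defaultdict(int)
    for f in findings.values():
        for name in f:
            counts[name] += 1
    n = len(findings)
    return {name: round(100.0 * c / n, 2) for name, c in sorted(counts.items())}
```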