Security issues in Transport Layer

Abdul Kalam Azad

12-1-5-008
April 16, 2016

Introduction

Transport layer is a protocol for host-to-host communication. Transport

layer must ensure to protect data when it is being transmitted.
Transport layer is the first layer of the TCP/IP model that offers reliability. Hence, transport layer security is an important subject.
Most common example of security issue in transport layer is Portscan
attack, which operates under the assumption that target host is compliant
with Transmission Control Protocol.

Security In Transport Layer

Currently, security needed in transport layer, viz. encryption, authentication, and data integrity, is provided by two protocols: SSL and TLS

2.1

SSL

SSL or Secure Socket Layer protocol was originally developed at Netscape

to enable ecommerce transaction security on the Web

2.2

TLS

TLS (Transport Layer Security) is an updated, more secure, version of SSL.

SSL 3.1 is renamed to TLS 1.0 by IETF. SSL and TLS are only applicable
in TCP protocol. For UDP protocol, DTLS or Datagram Transport Layer
Security is used.
Since, TLS and SSL are not interoperable, both are mentioned separately.

Insufficient Transport Layer Security

Poor applications leads to insufficient transport layer security, [1] where

not all traffic flowing between two endpoints is properly secured, which
makes it possible for attackers to perform man-in-the-middle attacks, e.g.
IP spoofing.

4
4.1

Known Attacks on TLS [2]

SSL Stripping

Various attacks attempt to remove the use of (SSL/TLS) altogether by modifying unencrypted protocols that request the use of TLS, specifically modifying HTTP traffic and HTML pages as they pass through the media.

4.2

STARTTLS Command Injection Attack

This is a software flaw where an attacker injects client commands during

the unprotected connection which are stored in buffer, such that commands
received prior to TLS negotiation are executed after TLS negotiation.

4.3

BEAST attack

The BEAST attack [BEAST] uses issues with the TLS 1.0 implementation of
Cipher Block Chaining (CBC) to decrypt parts of a packet, and specifically
to decrypt HTTP cookies when HTTP is run over TLS.

4.4

Padding Oracle Attacks

In cryptography, variable-length plaintext messages often have to be padded

(expanded) to be compatible with the underlying cryptographic primitive.
Padding Oracle Attack is performed by guessing whether a message is correctly padded or not.

4.5

Attacks on RC4

The RC4 algorithm has been used with TLS. Recent cryptanalysis results
exploit biases in the RC4 keystream to recover repeatedly encrypted plaintexts.

4.6

Compression Attacks: CRIME, TIME, and BREACH

These vulnerabilities are a result of inadvertent information leakage through

data compression used over TLS

4.7

Theft of RSA Private Keys

When TLS is used with most non-Diffie-Hellman cipher suites, it is sufficient

to obtain the servers private key in order to decrypt any sessions (past and
future) that were initiated with that server.

4.8

Cross Protocol Attack

An attack that enables an adversary to successfully impersonate a server to

a random client after obtaining sufficient signed elliptic curve keys from the
original server.

4.9

Renegotiation

The attacker forms a TLS connection with the target server, injects content
of his choice, and then splices in a new TLS connection from a client.

4.10

Triple Handshake

The triple handshake attack enables the attacker to cause two TLS connections to share keying material.

4.11

Virtual Host Confusion

SSLv3 fallback and improper handling of session caches on the server side
can be abused by an attacker to establish a malicious connection to a virtual
host other than the one originally intended and approved by the server.

4.12

Denial of Service

A transport layer DoS attack involves sending many connection requests to

a target host. Since a client can easily force the server to expend relatively
large computational work, the risk of malicious clients and botnets mounting
denial-of-service attacks is very real. Example of DoS in transport layer is
TCP SYN flood, where succession of SYN requests to server crashes the
system

4.13

Implementation Issues

Even when the protocol is properly specified, this does not guarantee the
security of implementations. In fact, there are very common issues that often
plague TLS implementations. Some widespread implementation issues are:
4.13.1

Heartbleed

This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. The vulnerability arises from buffer over-read, a situation where more data can be
read than should be allowed.
4.13.2

Early CCS

Some version of OpenSSL accepts ChangeCipherSpec (CCS) inappropriately

during a handshake. A successful exploit allows an attacker to intercept, decrypt, and modify the underlying plaintext traffic between vulnerable clients
and servers.
4.13.3

OprahSSL

An attacker could cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use valid leaf certificate to
act as a CA and issue an invalid certificate.

Transport Layer Protection Benefits

The primary benefit of transport layer security is the protection of web

application data from unauthorized disclosure and modification when it is
transmitted between clientsand server. Transport layer security also provides integrity guarantees and replay prevention.

References
1. Insufficient Transport Layer Protection. Veracode.
2. RFC 7457 - Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS). Internet Engineering Task
Force (IETF)