Vigil@nce - OpenSSL: Man-in-the-middle FIPS Diffie Hellman
April 2011 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
When OpenSSL is compiled in FIPS mode, a man-in-the-middle attacker can force the generation of a predictable Diffie-Hellman secret.
Severity: 2/4
Creation date: 20/04/2011
IMPACTED PRODUCTS
OpenSSL
DESCRIPTION OF THE VULNERABILITY
OpenSSL can be compiled in FIPS mode (Federal Information Processing Standard) with "./config fipscanisterbuild".
An attacker located between the client and the server, who knows the server's secret key, can normally decrypt an SSL/TLS session. The EDH/DHE (Ephemeral Diffie-Hellman) algorithm computes a new key known only to the client and the server, so this intermediate attacker cannot decrypt the session.
However, in FIPS mode, OpenSSL does not reject weak P/Q (Diffie-Hellman group) parameters for EDH/DHE.
When OpenSSL is compiled in FIPS mode, a man-in-the-middle attacker can therefore force the generation of a predictable Diffie-Hellman secret.
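The following is an added example, not OpenSSL's code, showing the parameter checks a client should apply to server-supplied EDH/DHE values before computing the shared secret (the rejection that the bulletin says FIPS-mode OpenSSL lacks): modulus size, primality of p, a valid generator, and either a prime subgroup order q that g actually generates or, when no q is supplied, a safe prime. The group (p=1019, g=4, q=509) used in the tests is a constructed toy value with min_bits lowered for demonstration only.

```python
import random

def is_probable_prime(n, rounds=32):
    """Miller-Rabin: True if n is prime with overwhelming probability."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def check_dh_params(p, g, q=None, min_bits=2048):
    """Return the reasons to reject group (p, g[, q]); an empty list means accept."""
    problems = []
    if p.bit_length() < min_bits:
        problems.append(f"p has only {p.bit_length()} bits (minimum {min_bits})")
    if not is_probable_prime(p):
        return problems + ["p is not prime"]  # later checks assume a prime modulus
    if not 1 < g < p - 1:
        problems.append("g is outside (1, p-1)")
    if q is None:
        # Without a subgroup order, insist on a safe prime so no generator in
        # (1, p-1) can have a small order that confines the shared secret.
        if not is_probable_prime((p - 1) // 2):
            problems.append("p is not a safe prime and no q was supplied")
    elif not is_probable_prime(q):
        problems.append("q is not prime")
    elif (p - 1) % q != 0:
        problems.append("q does not divide p-1")
    elif pow(g, q, p) != 1:
        problems.append("g does not generate the order-q subgroup")
    return problems

def check_peer_public(y, p, q=None):
    """Reject a peer value outside [2, p-2] or (when q is known) outside the q-subgroup."""
    return 2 <= y <= p - 2 and (q is None or pow(y, q, p) == 1)
```

With the default min_bits of 2048 any toy-sized group is rejected on size alone; the peer-value check guards against the related small-subgroup substitution even when the group itself is acceptable.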
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN