SWEET32 Birthday attack : How to fix TLS vulnerability (CVE-2016-2183) in OpenSSL, Apache, Nginx and IIS in RedHat, CentOS, Ubuntu, Debian, OpenSUSE and Windows
Over 80% websites in the internet are vulnerable to hacks and attacks. In our role as hosting support engineers for web hosts, we perform periodic security scans and updates in servers to protect them from hacks.
A recent bug that affects the servers is the SWEET32 vulnerability. By exploiting a weak cipher ‘3DES-CBC’ in TLS encryption, this bug has caused many server owners to panic about their data security.
If you see that your website is failing security scans with this message, that means your server is vulnerable to SWEET32 attacks.
“SSL/TLS server supports short block sizes (SWEET32 attack)”
What is SWEET32 Birthday Attack?
By default, servers have ‘3DES-CBC’ cipher enabled in TLS. This makes HTTPS connections in those servers vulnerable to this SWEET32 bug.
Hackers can then easily decrypt your valuable data using a method called Birthday Attack. Here’s how it works:
The web server encrypts data using cryptographic keys. These keys are chosen randomly, and the probability of any two customers getting the same key is very low.
By misusing the SWEET32 vulnerability, an attacker can send in large volume of dummy data, and get blocks of cipher text that matches that of a customer.
To break it down:
- The attacker sniffs all data sent to your customer.
- Attacker sends dummy data to your server until a key used for a customer matches the attacker’s session key.
- Once there’s a match, sensitive data can be decrypted by determining how the key was chosen.
Are your servers vulnerable to SWEET32 attack?
OpenSSL protocol uses the vulnerable ‘Triple-DES’ ciphers for encrypting the data. So if your web servers such as Apache, NginX, etc. uses OpenSSL with the vulnerable ‘Triple-DES’ cipher support, your server is susceptible to attack.
If your servers are running OpenSSL versions prior to 1.0.1, which cannot support strong ciphers, your servers are already vulnerable to many other attacks too, such as CCS Injection Vulnerability.
The first thing we do, is check the version of OpenSSL server:
root@host ~ $ openssl version OpenSSL 1.0.1f 6 Jan 2014
To examine the ciphers that are enabled in the OpenSSL server, we use the ‘nmap’ command. The code ‘3DES’ indicate cipher suites that use triple DES encryption. These are the ones we disable for server security.