March 2, 2016
DROWN, a new vulnerability in the SSL/TLS cryptographic protocols, could allow attackers to decrypt supposedly secure HTTPS connections between internet servers and end users. HTTPS encrypts traffic in order to prevent eavesdropping or interception and is used to secure everything from email services to online banking sessions.
The vulnerability (CVE-2016-0800) lies in the fact that attackers can force a web server to use an old, insecure version of SSL/TLS known as SSLv2. Although long obsolete, SSLv2 is still supported by many web servers. Every time a connection is made using SSLv2, a small amount of data about the server’s encryption key is leaked. By making multiple connections to the server using SSLv2, an attacker can piece together the encryption key and decrypt all HTTPS traffic.
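The defensive check that follows from the paragraph above is whether a server still completes an SSLv2 handshake at all. This is an added example, not code from the article or from the DROWN researchers: it builds an SSLv2 CLIENT-HELLO, `probe()` sends it to a server you administer, and `parse_server_hello()` reports the cipher specs from any SSLv2 SERVER-HELLO that comes back (the `sample_server_hello()` reply is constructed here for offline use; the host, port and timeout values are assumptions).

```python
import socket
import struct
SSLV2_CIPHERS = {  # 3-byte SSLv2 cipher specs offered in the probe, keyed to their names
    b"\x01\x00\x80": "RC4_128_WITH_MD5", b"\x02\x00\x80": "RC4_128_EXPORT40_WITH_MD5",
    b"\x03\x00\x80": "RC2_128_CBC_WITH_MD5", b"\x04\x00\x80": "RC2_128_CBC_EXPORT40_WITH_MD5",
    b"\x05\x00\x80": "IDEA_128_CBC_WITH_MD5", b"\x06\x00\x40": "DES_64_CBC_WITH_MD5",
    b"\x07\x00\xc0": "DES_192_EDE3_CBC_WITH_MD5",
}

def sslv2_record(body: bytes) -> bytes:
    # Two-byte SSLv2 record header: high bit set, low 15 bits hold the body length.
    return struct.pack(">H", 0x8000 | len(body)) + body

def build_client_hello(challenge: bytes = b"\x00" * 16) -> bytes:
    # CLIENT-HELLO (0x01) requesting protocol version 0x0002 (SSLv2), empty session id.
    ciphers = b"".join(SSLV2_CIPHERS)
    body = b"\x01\x00\x02" + struct.pack(">HHH", len(ciphers), 0, len(challenge))
    return sslv2_record(body + ciphers + challenge)

def parse_server_hello(data: bytes):
    """Cipher specs listed in an SSLv2 SERVER-HELLO, or None for any other reply (TLS alert, nothing)."""
    if len(data) < 3:
        return None
    hdr = 2 if data[0] & 0x80 else 3         # 3-byte header form carries a padding byte
    length = struct.unpack(">H", data[:2])[0] & (0x7FFF if hdr == 2 else 0x3FFF)
    body = data[hdr:hdr + length]
    # SERVER-HELLO: type 0x04, session-id-hit, certificate type, version, then three lengths.
    if len(body) < 11 or body[0] != 0x04 or body[3:5] != b"\x00\x02":
        return None
    cert_len, cipher_len, _conn_len = struct.unpack(">HHH", body[5:11])
    specs = body[11 + cert_len:11 + cert_len + cipher_len]
    if len(specs) != cipher_len or cipher_len % 3:
        return None
    return [SSLV2_CIPHERS.get(specs[i:i + 3], specs[i:i + 3].hex())
            for i in range(0, cipher_len, 3)]

def sample_server_hello() -> bytes:
    # Constructed reply for offline testing: 4-byte fake certificate, two ciphers, 4-byte connection id.
    body = b"\x04\x00\x01\x00\x02" + struct.pack(">HHH", 4, 6, 4)
    return sslv2_record(body + b"CERT" + b"\x01\x00\x80\x02\x00\x80" + b"CONN")

def probe(host: str, port: int = 443, timeout: float = 5.0):
    """Send one CLIENT-HELLO to a server you operate; a non-None result means SSLv2 is still enabled."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_client_hello())
        try:
            reply = s.recv(16384)
        except (socket.timeout, ConnectionError):
            reply = b""
    return parse_server_hello(reply)
```

A server that answers with any cipher list should have SSLv2 disabled and its RSA key considered exposed in the way the article describes; a TLS alert or a closed connection means the SSLv2 ClientHello was refused.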
DROWN, which stands for Decrypting RSA with Obsolete and Weakened eNcryption, was discovered by a team of researchers from Tel Aviv University, Münster University of Applied Sciences, the Horst Görtz Institute for IT Security, Ruhr University Bochum, the University of Pennsylvania, the Hashcat Project, the University of Michigan, and the OpenSSL project.