
[速搜 Q&A] What is a downgrade attack?

Q&A admin 9 months ago (04-13) 162 views Indexed 0 comments


A downgrade attack is an attack on a computer system or communication protocol. In a downgrade attack, the attacker deliberately makes the system abandon a newer, more secure mode of operation (such as an encrypted connection) and fall back to an older, less secure mode (such as plaintext communication) that is kept for downward compatibility. For example, OpenSSL once had a flaw that let an attacker make an SSL/TLS server and client establish a connection using an older version of TLS, even though both sides actually supported a newer version. Attacks of this kind are the most common downgrade attacks.

Introduction

Downward compatibility (also called backward compatibility) means that, after a program, library or piece of hardware is updated to a newer version, documents or systems created with the older version of the program can still be operated or used normally (including as input data), programs developed against the older version of the library still compile and run normally, or older hardware can still be used with the newer version.

A downgrade attack is an indirect way of attacking a computer system: it makes the system give up its more secure mode of operation and use a downward-compatible one instead. Downgrade attacks are often used as part of man-in-the-middle attacks, where they greatly weaken the security of encrypted communication and enable attacks that would otherwise be impossible. The SSL/TLS protocols have been hit especially hard by downgrade attacks and have faced this class of problem for a long time, for example the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack. Removing downward compatibility is often the better way to deal with downgrade attacks.

Downgrade process

The downgrade is achieved by flipping the authentication protocol at both ends. The authentication protocol option is configured starting from the server side: when the server sends its first configure-request message, the server-side PPTP program records the authentication protocol option currently approved by the server, which is CHAP. When the client receives this configure-request message, it sends an Ack message to confirm the configuration message the server just sent. At this point the man-in-the-middle program intercepts the Ack message and silently discards it, then forges a Nak message, adds a PAP option to it, and sends it to the server. Once the server receives this message, its authentication protocol option flips from CHAP to PAP. The client, however, has in fact already accepted the server's previous configuration message, so the authentication protocol state recorded by the client is CHAP. The next step is to flip the client's authentication protocol state by forging a configure-request message.

Because the server has received what it takes to be a Nak message from the client, it enters renegotiation and sends a new configure-request message, one that does not include negotiation of the authentication protocol. When this message reaches the man-in-the-middle host, the man-in-the-middle program intercepts it, adds a new PAP option to its option field, and forwards it to the client. After the client receives this new configuration message, its authentication protocol flips from CHAP to PAP. The client then confirms the configuration message again by sending an Ack message. When this Ack message reaches the man-in-the-middle host, the man-in-the-middle program intercepts it, removes the PAP option from it, and forwards it to the server.

At this point the whole downgrade attack is complete. This method does not disturb the sequence numbers of the GRE tunnel, because the man in the middle never fabricates a message out of nothing that would consume sequence numbers at either end; it replaces original messages and so reuses their sequence numbers. As the analysis above shows, the downgrade works by forging a Nak message to force both ends into renegotiation; only by using a Nak message to force the server's authentication protocol option to flip can the downgrade be achieved. Forced renegotiation is also a typical pattern in man-in-the-middle attacks.
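A defender-side view of the exchange described above, as an added example that is not part of the original page: it parses the LCP packets a client receives and flags an authentication offer that drops from CHAP to PAP within one negotiation. The function names and sample frames are constructed for illustration; the codes are the standard LCP values (option 3, 0xC223 for CHAP, 0xC023 for PAP).

```python
import struct

CONF_REQ, CONF_ACK, CONF_NAK = 1, 2, 3        # LCP packet codes (RFC 1661)
OPT_AUTH = 3                                   # Authentication-Protocol option
AUTH_NAMES = {0xC023: "PAP", 0xC223: "CHAP"}
STRENGTH = {"PAP": 0, "CHAP": 1}               # PAP sends the password in cleartext


def parse_lcp(pkt: bytes):
    """Return (code, identifier, auth_name or None) for one LCP packet."""
    if len(pkt) < 4:
        raise ValueError("truncated LCP header")
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length < 4 or length > len(pkt):
        raise ValueError("bad LCP length")
    body, auth, i = pkt[4:length], None, 0
    while i + 2 <= len(body):                  # walk the type/length/value options
        otype, olen = body[i], body[i + 1]
        if olen < 2 or i + olen > len(body):
            raise ValueError("bad option length")
        if otype == OPT_AUTH and olen >= 4:
            proto = struct.unpack("!H", body[i + 2:i + 4])[0]
            auth = AUTH_NAMES.get(proto, hex(proto))
        i += olen
    return code, ident, auth


def audit_client_side(received):
    """Flag a weaker auth offer that arrives after a stronger one was offered."""
    best, findings = None, []
    for pkt in received:
        code, ident, auth = parse_lcp(pkt)
        if code != CONF_REQ or auth not in STRENGTH:
            continue
        if best is not None and STRENGTH[auth] < STRENGTH[best]:
            findings.append(f"id={ident}: peer now requests {auth} after {best}")
        elif best is None or STRENGTH[auth] > STRENGTH[best]:
            best = auth
    return findings


# Constructed sample frames (not captured traffic): what the client sees above.
REQ_CHAP = bytes([1, 1, 0, 9, 3, 5, 0xC2, 0x23, 0x05])  # configure-request, CHAP/MD5
REQ_PAP = bytes([1, 2, 0, 8, 3, 4, 0xC0, 0x23])         # later configure-request, PAP

if __name__ == "__main__":
    print(audit_client_side([REQ_CHAP, REQ_PAP]))
```

A client configured to require CHAP would answer the second request with a Nak or Reject rather than accept it; the audit only reports the change.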

Man-in-the-middle attack

A man-in-the-middle attack is an indirect mode of attack. Using some technique, the attacker takes control of a point on the route between the hosts at the two ends of a communication; on that route, the man in the middle can sniff, intercept or modify the packets exchanged between the two ends. Many techniques can be used to carry out a man-in-the-middle attack. One is ARP spoofing: to deceive a host on the same LAN, ARP configuration messages can be used to make the target host mistake the attacker's host for the LAN's default gateway. All outbound traffic from the victim host is then sent to the man-in-the-middle host.

DNS spoofing: during domain name resolution, the client first has to send a request message containing the domain name to a DNS server to obtain the IP address of the destination host. The attacker can hijack this request message and send back a false reply message that gives the client a false destination IP address. The client is then taken to a destination host set up in advance by the man in the middle.

Phishing network: wireless access is a very common way of connecting to a LAN. The man in the middle can open a wireless network on a device fitted with a wireless network card and lure victims into using it. Once a victim joins this network, all of their data is forwarded through the phishing network, so packets can easily be intercepted and modified on the man in the middle's machine. Compared with the two strategies above, a phishing network is also very cheap to set up and fairly simple to configure. Overall, opening a free Wi-Fi network in a public place is a very covert, simple and quick attack scheme.

A man-in-the-middle attack can succeed only if the attacker can impersonate every endpoint taking part in the session without being detected by the other endpoints. A man-in-the-middle attack is an attack on (the lack of) mutual authentication. Most cryptographic protocols include dedicated authentication methods specifically to prevent man-in-the-middle attacks. For example, the SSL protocol can verify whether the certificate used by one or both communicating parties was issued by a trusted digital certificate authority, and it can perform two-way authentication.

Transport Layer Security protocol

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are security protocols whose purpose is to provide security and data integrity for Internet communication. When Netscape released the first version of its web browser, Netscape Navigator, in 1994, it introduced the HTTPS protocol, which used SSL for encryption; this is the origin of SSL. The IETF standardized SSL and published the first version of the TLS standard in 1999. RFC 5246 (August 2008) and RFC 6176 (March 2011) were published later. The protocol is widely supported in applications such as browsers, e-mail, instant messaging, VoIP and Internet fax. Major websites such as Google and Facebook also use it to create secure connections and send data. It has become the industry standard for confidential communication on the Internet.

SSL consists of a record layer and a transport layer; the record layer protocol determines the encapsulation format of transport layer data. The Transport Layer Security protocol uses X.509 certificates, then uses asymmetric cryptography to authenticate the communicating party, and then exchanges a symmetric key to serve as the session key. The session key is used to encrypt the data exchanged between the two parties, ensuring the confidentiality and reliability of communication between the two applications so that traffic between the client and server applications cannot be eavesdropped on by an attacker.

The TLS protocol uses a client-server architecture model. It is used to create a secure connection between two applications across a network, preventing eavesdropping and tampering while data is exchanged.

An advantage of the TLS protocol is that it is not coupled to higher-level application layer protocols (such as HTTP, FTP and Telnet). Application layer protocols can run transparently on top of TLS, with TLS handling the negotiation and authentication needed to create the encrypted channel. All data sent by the application layer protocol is encrypted as it passes through TLS, which keeps the communication private.

The TLS protocol is optional; the client and server must both be configured to use it. There are two main ways to achieve this: one is to use a dedicated TLS port (for example, port 443 for HTTPS); the other is for the client to ask the server to switch the connection to TLS through a protocol-specific mechanism (for example, STARTTLS for mail and news protocols). Once the client and server have agreed to use TLS, they negotiate a stateful connection for transferring data by means of a handshake. During the handshake, the client and server negotiate the parameters used to create the secure connection:

The handshake begins when the client connects to a TLS-enabled server, asks for a secure connection, and lists the cipher suites it supports (encryption algorithms and cryptographic hash functions).

The server picks an encryption algorithm and hash function from that list and notifies the client.

The server sends back its digital certificate, which usually contains the server's name, the trusted certificate authority (CA), and the server's public key.

The client verifies that the certificate presented by the server is valid.

To generate the session key used for the secure connection, the client encrypts a randomly generated key with the server's public key and sends it to the server; only the server can decrypt it, using its own private key.

Using the random numbers, both sides generate the symmetric key used for encryption and decryption. This is the TLS handshake. Once the handshake is complete, the connection is secure until it is closed. If any of the steps above fails, the TLS handshake fails and all connections are dropped.
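The handshake steps above leave two settings to the client that decide whether a downgrade or a man in the middle can succeed: the oldest protocol version it will accept and whether it validates the server certificate. The following added example (not from the original page; function names are hypothetical) puts a legacy-tolerant client configuration beside a strict one using Python's standard `ssl` module.

```python
import ssl

# Version strings as reported by SSLSocket.version(); anything else is rejected.
ACCEPTED_VERSIONS = {"TLSv1.2", "TLSv1.3"}


def audit_client_context(ctx: ssl.SSLContext) -> list:
    """List the downgrade- and MITM-relevant weaknesses of a client context."""
    issues = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        issues.append("legacy protocol versions allowed")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        issues.append("server certificate not verified")
    if not ctx.check_hostname:
        issues.append("hostname not checked")
    return issues


def negotiated_version_ok(version) -> bool:
    """Post-handshake check on the version that was actually negotiated."""
    return version in ACCEPTED_VERSIONS


def legacy_context() -> ssl.SSLContext:
    """Weak setting: accepts any protocol version and any certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False            # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


def strict_context() -> ssl.SSLContext:
    """Corrected setting: no fallback below TLS 1.2, certificate and name checked."""
    ctx = ssl.create_default_context()    # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


if __name__ == "__main__":
    print("legacy:", audit_client_context(legacy_context()))
    print("strict:", audit_client_context(strict_context()))
```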


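速搜资源网, all rights reserved. Unless otherwise noted, all content is original. When reprinting, please cite the original link: [速搜 Q&A] What is a downgrade attack?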