Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / Security / January 2010

Tip: Looking for answers? Try searching our database.

TLS renegotiation MitM vulnerability. Is it fixed in JSSE?

Thread view: 
Enable EMail AlertsStart New Thread
Yosi Izaq - 26 Jan 2010 09:19 GMT
Hi,

I'm an eng. working on a security product that also uses Java
applications/libs/services such as RMI and activeMQ. All server side
operations are secured via TLS (using JSSE).
I'm concerned with the known TLS renegotiation MitM vulnerability.
I would like to ask whether there's a JSSE version or patch that
contains a fix to the issue?- Say by disabling TLS renegotiation by
default and adding a configuration parameter for enabling it if
needed.

The following article (http://www-01.ibm.com/support/docview.wss?
rs=3068&uid=swg21415080) suggests that IBM implementation has a fix.
Unfortunately it lacks support for PKCS #11 so switching to it is not
an option.

TIA,
Yosi Izaq
Cisco R&D
Reply to this Message
Lothar Kimmeringer - 26 Jan 2010 13:34 GMT
> I'm an eng. working on a security product that also uses Java
> applications/libs/services such as RMI and activeMQ. All server side
[quoted text clipped - 4 lines]
> default and adding a configuration parameter for enabling it if
> needed.

http://java.sun.com/javase/6/webnotes/6u18.html
doesn't show any fixes in JSSE concerning that issue.
Do you use SSL as client or do you speak of the server-side
("All server side operations are secured via TLS (using JSSE)"
allow both interpretations)? As far as I understood the issue
it is somthing to be fixed on the server-side. If you are
speaking of the server side check if JSSE is used for the
SSLServerSocket anyway. Many server-applications that exist
already for a longer time use different libraries like Entrust
or iSaSiLk, so a fix in the JSSE wouldn't help anyway.

Regards, Lothar
Signature

Lothar Kimmeringer                E-Mail: spamfang@kimmeringer.de
              PGP-encrypted mails preferred (Key-ID: 0x8BC3CD81)

Always remember: The answer is forty-two, there can only be wrong
                questions!

Reply to this Message
Yosi Izaq - 26 Jan 2010 14:55 GMT
On Jan 26, 3:34 pm, Lothar Kimmeringer <news200...@kimmeringer.de>
wrote:
> > I'm an eng. working on a security product that also uses Java
> > applications/libs/services such as RMI and activeMQ. All server side
[quoted text clipped - 23 lines]
> Always remember: The answer is forty-two, there can only be wrong
>                  questions!

I speak of server side.
I'm using a specialized SSLServerSocket, i.e. MyProjSSLServerSocket
which sets a specific KeyStore and KeyManager but for the socket
proper uses SSLServerSocket created by SSLContext.
AFAIK this makes my project vulnerable to said MitM attack. My options
seems to be either to wait for a fix in JSSE or live with the
vulnerability. This is not a nice prospect :(
I'd appreciate any tips on how to mitigate the problem.

Thanks!
Yosi
Reply to this Message
Lothar Kimmeringer - 26 Jan 2010 18:50 GMT
> I speak of server side.
> I'm using a specialized SSLServerSocket, i.e. MyProjSSLServerSocket
[quoted text clipped - 4 lines]
> vulnerability. This is not a nice prospect :(
> I'd appreciate any tips on how to mitigate the problem.

Check the current status at openjdk.org and ask the developers
directly on the mailing list if there is no entry in the
bug tracking system. In case it's fixed there you can try
out that JDK instead of using the SUN JDK that can be
downloaded at java.sun.com

Regards, Lothar
Signature

Lothar Kimmeringer                E-Mail: spamfang@kimmeringer.de
              PGP-encrypted mails preferred (Key-ID: 0x8BC3CD81)

Always remember: The answer is forty-two, there can only be wrong
                questions!

Reply to this Message
Yosi Izaq - 28 Jan 2010 19:16 GMT
On Jan 26, 8:50 pm, Lothar Kimmeringer <news200...@kimmeringer.de>
wrote:
> > I speak of server side.
> > I'm using a specialized SSLServerSocket, i.e. MyProjSSLServerSocket
[quoted text clipped - 10 lines]
> out that JDK instead of using the SUN JDK that can be
> downloaded at java.sun.com

Thank you Lothar. Unfortunately changing JDK provider is not a valid
option for me.
A colleague has provided me with the following information re. a
possible patch which disables renegotiation for NSS (http://
www.phonefactor.com/sslgap/ssl-tls-authentication-patches). This may
provide a possible solution for my product.

Thanks,
Yosi
Reply to this Message
Lothar Kimmeringer - 30 Jan 2010 16:48 GMT
> Thank you Lothar. Unfortunately changing JDK provider is not a valid
> option for me.

AFAIK the development of new versions of Java is happening
at OpenJDK.org with SUN using that codebase to create new
versions of the SUN JDK. So as long as there is no bugreport
or fix at OpenJDK there most likely will not be one for
the SUN JDK.

Regards, Lothar
Signature

Lothar Kimmeringer                E-Mail: spamfang@kimmeringer.de
              PGP-encrypted mails preferred (Key-ID: 0x8BC3CD81)

Always remember: The answer is forty-two, there can only be wrong
                questions!

Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2010 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.