Don’t fear the BEAST

Entrust CTO

A few weeks ago, Juliano Rizzo and Thai Duong published a paper on an SSL attack that they call BEAST, which decrypts parts of an SSL connection.

Before I discuss it at length, let me cut to the chase on it.

Q: Is this something that you need to worry about?
A: No.

Here’s a slightly more detailed explanation. The BEAST attack requires that hostile Javascript run in your browser that does the cryptanalysis. But any attack that requires hostile programs in your browser is less of a worry than one that doesn’t. If you have hostile code in your browser, there are a lot of other things it can do, like send your usernames and passwords off to some other server. Why bother doing cryptanalysis when you can just read what’s in the browser.

During the Arab Spring revolt in Tunisia, there was some Javascript malware that did precisely that — it sent off usernames and passwords to the government of anyone who was using social media sites.

The basic attack has been known since 2006, and is even fixed in TLS V1.1, but until the BEAST attack became public, hardly anyone was deploying it.

Before you get upset about that, however, let’s play a little game. Let’s roll back the clock about a year and I’ll tell you that you’re going to have to upgrade your browser. It doesn’t matter what it is — IE, Chrome, Safari, Firfox, Opera, whatever. If you’re using SSL at all, you have upgrade today. Why? Because some guy wrote a paper about an attack on SSL that we fixed. No one’s implemented the attack yet, and we are pretty sure that if/when someone does, it will require hostile Javascript or something like that, so it’s not even a very practical attack. But we security people think that you need to upgrade anyway. Now.

You’d say we were nuts. Heck, I’d say we were nuts, and the blog post criticizing this lame decision practically writes itself. Blah, blah, blah, not all attacks done in papers are practical, blah, blah, this one would require access that makes it pointless, blah, blah, if someone has the key to your front door, there’s lots they can do, blah, all the human capital wasted with this silly upgrade, blah. People would rightly criticize forcing a change for an attack that wasn’t practical.

As it happened, the BEAST attack was discovered before natural displacement of old software got rid of the old software. Fortunately, the BEAST attack is practical in the sense that it can actually happen, but impractical in the sense that someone who can do it has better attacks at their disposal as well.

Therefore, to sum up, don’t worry about the BEAST attack. But as new versions of browsers come out in the coming weeks and months that are immune to it, upgrade to them. It’s good to stay one step ahead of the attackers.

Entrust CTO
Entrust CTO
Chief Technology Officer


Add to the Conversation