Don’t fear the BEAST
A few weeks ago, Juliano Rizzo and Thai Duong published a paper on an SSL attack that they call BEAST, which decrypts parts of an SSL connection.
Before I discuss it at length, let me cut to the chase on it.
Q: Is this something that you need to worry about?
The basic attack has been known since 2006, and is even fixed in TLS V1.1, but until the BEAST attack became public, hardly anyone was deploying it.
You’d say we were nuts. Heck, I’d say we were nuts, and the blog post criticizing this lame decision practically writes itself. Blah, blah, blah, not all attacks done in papers are practical, blah, blah, this one would require access that makes it pointless, blah, blah, if someone has the key to your front door, there’s lots they can do, blah, all the human capital wasted with this silly upgrade, blah. People would rightly criticize forcing a change for an attack that wasn’t practical.
As it happened, the BEAST attack was discovered before natural displacement of old software got rid of the old software. Fortunately, the BEAST attack is practical in the sense that it can actually happen, but impractical in the sense that someone who can do it has better attacks at their disposal as well.
Therefore, to sum up, don’t worry about the BEAST attack. But as new versions of browsers come out in the coming weeks and months that are immune to it, upgrade to them. It’s good to stay one step ahead of the attackers.