Truncating TLS Connections to Violate Beliefs in Web Applications (bibtex)
by Ben Smyth, Alfredo Pironti
Abstract:
We identify logical web application flaws which can be exploited by TLS truncation attacks to desynchronize the user- and server-perspective of an application's state. It follows immediately that servers may make false assumptions about users, hence, the flaw constitutes a security vulnerability. Moreover, in the context of authentication systems, we exploit the vulnerability to launch the following practical attacks: we exploit the Helios electronic voting system to cast votes on behalf of honest voters, take full control of Microsoft Live accounts, and gain temporary access to Google accounts.
Reference:
Truncating TLS Connections to Violate Beliefs in Web Applications (Ben Smyth, Alfredo Pironti), In WOOT'13: 7th USENIX Workshop on Offensive Technologies, USENIX Association, 2013. (First appeared at Black Hat USA 2013.)
Bibtex Entry:
@inproceedings{2013-truncation-attacks-to-violate-beliefs,
	author = {Ben Smyth and Alfredo Pironti},
	title = {{Truncating TLS Connections to Violate Beliefs in Web Applications}},
	year = {2013},
	booktitle = {WOOT'13: 7th USENIX Workshop on Offensive Technologies},
	publisher = {USENIX Association},
	note = {First appeared at Black Hat USA 2013.},
	url = {http://www.bensmyth.com/publications/2013-truncation-attacks-to-violate-beliefs/},
	abstract = {We identify logical web application flaws which can be exploited by TLS truncation attacks to desynchronize the user- and server-perspective of an application's state. It follows immediately that servers may make false assumptions about users, hence, the flaw constitutes a security vulnerability. Moreover, in the context of authentication systems, we exploit the vulnerability to launch the following practical attacks: we exploit the Helios electronic voting system to cast votes on behalf of honest voters, take full control of Microsoft Live accounts, and gain temporary access to Google accounts.},
	x-language = {EN},
	x-audience = {international},
	x-town = {Washington},
	x-country = {US},
}