About SSL and Flaws in SSL 2.0
SSL (Secure Sockets Layer) is a cryptographic protocol for secure communication over a network. It is a standard protocol used to establish an encrypted connection between a client and a server. Using SSL ensures that all data transmitted over the network is encrypted, which keeps the data safe.
The flaws identified in SSL 2.0 are listed below.
- SSL 2.0 uses identical cryptographic keys for message authentication and encryption. In SSL 3.0, the message authentication code (MAC) secrets may be larger than the encryption keys, so messages will remain safe and secure even if the encryption keys are broken.
- It uses a weak MAC construction that applies the MD5 hash function with a secret prefix, which makes it vulnerable to length extension attacks.
- The handshake has no protection, so a man-in-the-middle attack may go undetected.
- SSL 2.0 uses the TCP connection close to indicate the end of data. This makes truncation attacks possible: an attacker can use a TCP FIN ("I have finished talking, but will keep listening until you are done"), which leaves the recipient unaware that the end-of-data message was unauthorized.
- It assumes a single service and a fixed domain certificate, which clashes with the virtual hosting feature of web servers. As a result, websites were impaired from using SSL.
SSL 2.0 is disabled by default, but to maximize support for old servers, web browsers will attempt to use SSL 3.0 in the SSL 2.0 format.
SSL 3.0 was released to solve the flaws found in SSL 2.0. It improves on SSL 2.0 by adding SHA-1 based ciphers and support for certificate authentication.
- From a security point of view, SSL 3.0 is considered less desirable than TLS 1.0.
- SSL 3.0 has a weak key derivation process. Half of the master key creation depends completely on the MD5 hash function, which is not collision resistant and is considered less secure.
- In TLS 1.0, the master key creation is based on both MD5 and SHA-1, and so it is not considered a weak derivation process.