Transport Layer Security (TLS), and its now-deprecated predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communications security on a computer network.
Several versions of these protocols are in widespread use for applications such as email, instant messaging, web browsing, and voice over IP. Now a group of researchers has disclosed a new timing vulnerability in the TLS protocol that could allow attackers to break the encryption and read sensitive communications under certain conditions.
The vulnerability, dubbed "Raccoon Attack," is a server-side attack that exploits a side channel in the cryptographic protocol on TLS 1.2 and lower to extract the shared secret key used for secure communications.
How the Raccoon Attack Leads to the Leak of Secret Keys
The vulnerability relies on precise timing measurements and a specific server configuration: the attacker uses timing measurements to compromise the cryptosystem, applying this strategy to the Diffie-Hellman (DH) key exchange performed during the TLS handshake, which establishes the keys needed to share data securely over a public network.
The handshake messages between a client and a server are recorded and then used to initiate new handshakes with the server, while the attacker measures the time the server takes to respond to the operations that derive the shared key.
The shared secret key generated during this exchange is what makes secure browsing possible: it lets users navigate websites safely by protecting network communications against man-in-the-middle (MitM) attacks.
How Browser and Web Technology Vendors Have Responded to the Raccoon Attack
F5 specializes in application services and application delivery networking, and several of its products were found to be vulnerable to a "special" version of the Raccoon attack (CVE-2020-5929) that does not require timing measurements, because it directly observes the contents of server responses. The company has released a patch that thwarts the attack by addressing the underlying ephemeral key reuse.
Microsoft, Mozilla, and the OpenSSL project have likewise released patches to thwart the attack. Mozilla, for its part, has turned off the DH and DHE cipher suites in the Firefox browser, and Microsoft recommends that Edge users disable TLS_DHE.