OpenVPN vulnerable to a cryptographic attack.


It’s difficult to say whether our traffic is secure anywhere on the web. Under certain conditions, it is even possible to extract private data sent via an encrypted VPN (Virtual Private Network). This attack, called VORACLE, was presented at the DEF CON conference in Las Vegas.

The attack was discovered and presented by Ahmed Nafeez, but this is not a completely new discovery. It was built on the basis of the already known BREACH, CRIME and TIME cryptographic attacks used against TLS encrypted connections. The name probably refers to the Padding oracle attack from the same period. Researchers have found that data can be extracted from these connections if they were compressed before they were sent. Fortunately, these attacks are no longer active. In 2012 and 2013, the necessary corrections were made to TLS, and when it comes to HTTPS connections, we have nothing to worry about. However, Nafeez found that some types of encrypted VPNs can be attacked with a similar method.

Are u using Chrome ? Check best vpn for chrome

VPN servers and clients are still in use that compress network traffic before encrypting it, making connections still vulnerable. These are primarily programs built using the OpenVPN open protocol, which by default uses data compression before TLS encryption and sending. VORACLE allows you to decrypt some of the HTTP traffic sent via VPN and gain access to sensitive data such as cookies from websites or session data.

The attacker must first lure the user to his own site or one displaying his malicious advertisement (malvertising) with which an HTTP connection will be established from a vulnerable browser (e.g. Firefox, based on Chromium are resistant). After the user visits it, the attacker will receive, among others, cookies or other data that will allow him to log in to the account of the attacked user.

Read:   Missing Windows 95? With this application you will feel the spirit of the old system

The VORACLE attack can be easily prevented. Numerous VPN clients allow you to change the protocol and there you just need to choose a different one than OpenVPN. In addition, any encrypted traffic at a level lower than VPN (connections to sites via HTTPS) is by definition robust. As I mentioned earlier, the victim must also use a vulnerable browser, such as Firefox. Its vulnerability is caused by the fact that the entire HTTP request is sent in one large data packet. Chromium breaks them down into smaller parts (headline and content), which prevents an attack.

Nafeez informed the OpenVPN project leaders and several service providers before disclosing his discovery. The OpenVPN documentation already contains a warning about the possibility of such an attack, but for now the default settings have not been modified and the data is still compressed before encryption. The benefits of this are greater than the risk of a fairly narrow, theoretical attack. Compression was turned off by at least one supplier – TunnelBear. On GitHub you will find the code of the sample attack for further analysis, you can also watch the slides from the presentation, Nafeez also promised to prepare a scientific study of VORACLE.