One of the PCI-DSS requirements (section 4.1) is to use strong cryptography and security protocols to protect sensitive data during transmission over public networks. Compliance to this requirement ensures that companies are not exposing their customers or their business to unnecessary risks that may lead to data theft or fraud. A server failing the PCI compliance test would be considered potentially vulnerable to many remote attacks on SSL.
Any server can be remotely tested by monitoring how it answers a secure HTTP connection request (HTTPS) and comparing the answer with a list of parameters representing the “known good” behaviour of a PCI compliant server. A server is reported non compliant whenever it answers using insecure protocols or with a level of encryption that is not considered strong enough.
For example, a server answering an SSL v2 request is reported as non-compliant since the protocol is no longer considered to be secure by the industry at large. Also, a server answering an HTTPS request by allowing the usage of security keys smaller than 128 bits is considered as non-compliant since the SSL encrypted channel can be attacked in various ways. This is also the case when a server answers an HTTPS request by providing an SSL certificate using a weak cryptographic algorithm such as MD5.
Let’s take the example of Lebanon where a test on nearly 5000 random IP addresses found 88 servers capable of answering an HTTPS request (1.6 % of the total). The test found that only 3% were able to answer with an appropriate SSL level of security meeting PCI requirements.
The remaining 97% were unable to demonstrate a sufficient level of security, thus exposing both server and clients to all sorts of SSL attacks, from Man-In-The-Middle (MITM) attacks to Denial of Service (DoS) to data theft.
Let’s go through some known vectors of attack:
If the server accepts to communicate with WEAK security ciphers, then it is possible to attack the SSL communication using open source tools and break the communication using brute force.
If the server accepts the usage of NULL ciphers, it means the server is willing to create an SSL connection using no encryption, causing the server to communicate using plain text data, but the browser will show the communication as secured by HTTPS but in fact no real security is present.
If the server has an SSL certificate signed using MD5 than it is possible to forge the SSL certificate and it is also possible to make MD5 collision attacks; in fact breaking the SSL communication makes it possible for an attacker to enter the communication channel as if it was authenticated.
If the server answers using an SSL certificate generated from September 2006 until May 2008 using Debian’s openssl package, than the cryptographic keys used for authentication are potentially vulnerable to attack and any data signed or encrypted using weak X.509 should be considered compromised, as all vulnerable keys have been mapped and made available in automated attack tools.
If a server answers allowing compression over HTTPS and is also using CBC ciphers, than the server is potentially vulnerable to SSL BEAST or CRIME attack, and an attacker could perform Man In The Middle attack and then hijack the no-longer secure connection.
If the server supports SSL v2 and is also supporting insecure renegotiation, the server itself becomes vulnerable to “resource exhaustion” DoS attack, as a malicious client would be allowed to open only ONE connection and while keeping this one connection open forces the server to renegotiate an infinite amount of times, this process requires on average 15 times more processing power on the server than on the client causing an overload on the server that makes it consume all CPU resources, which renders it unable to respond to any query.
Where does Lebanon and more generally MENA countries stand with regards to PCI-DSS? Are CERTs assessing the region’s compliance with this specific standard? Are they taking advantage of publicly available information to gauge this readiness?
We look forward to reading your opinions and comments on that.