DROWN SSL vulnerability
- 2016-03-01 13:07
What is DROWN?DROWN stands for Decrypting RSA with Obsolete and Weakened eNcryption. Basically the attack, like many against SSL, involves using a downgraded cipher to attack the encrypted connection and potentially steal communication data.
The attack involves taking advantage of the weak SSLv2 cipher. It requires a fair amount of computing power and a significant amount of traffic needs to be intercepted to break the cipher. The researchers have said this can be done with about $440 of Amazon EC2 power.
Is my website vulnerable?The attack is only possible against connections supporting SSLv2. This is a very old protocol from 1995. However some systems still allow SSLv2 connections. To protect your server you should disable SSLv2. In fact we recommend disabling all SSL protocols and only using TLS. IT is worth noting while we refer to SSL Certificates these all support TLS connections. So you do not need to rush to replace your certificates.
To check if your server is vulnerable you can use the SSL Labs checker and see if SSLv2 is enabled.
But it is also worth noting that you may use your certificate for other protocols such as email servers. You need to ensure SSLv2 is disabled on these. Especially if they use the same private key. You can check if your system has been detected as vulnerable by the security researchers using the DROWN Attack website.