Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS

Authors: 

Hanno Böck; Aaron Zauner, SBA Research; Sean Devlin; Juraj Somorovsky, Ruhr University Bochum; Philipp Jovanovic, École Polytechnique Fédérale de Lausanne (EPFL)

Abstract: 

We investigate nonce reuse issues with the GCM block cipher mode as used in TLS and focus in particular on AES-GCM, the most widely deployed variant. With an Internet-wide scan we identified 184 HTTPS servers repeating nonces, which fully breaks the authenticity of the connections. Affected servers include large corporations, financial institutions, and a credit card company. We present a proof of concept of our attack that violates the authenticity of affected HTTPS connections, which in turn can be used to inject seemingly valid content into encrypted sessions. Furthermore, we discovered over 70,000 HTTPS servers using random nonces, which puts them at risk of nonce reuse in the unlikely case that large amounts of data are sent via the same session.
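Why a repeated nonce "fully breaks the authenticity" of GCM is shown by the following added example; it is not code from the paper or its authors. It reduces the attack to its simplest algebraic case: two 16-byte records, no associated data, same key and nonce. In GCM the tag is T = GHASH_H(C) ⊕ S, where H = E_K(0^128) and S = E_K(J0) depend only on the key and nonce, so for two records of equal length T1 ⊕ T2 = (C1 ⊕ C2)·H^2 in GF(2^128). An attacker divides by C1 ⊕ C2, takes a square root, and has H; S follows from either tag, and from then on any ciphertext under that nonce can be authenticated. The GF(2^128) arithmetic and GHASH follow NIST SP 800-38D. AES is replaced by a BLAKE2b-based stand-in (an assumption made so the example runs offline; it keeps the only property that matters, namely that H, S and the keystream repeat when the nonce repeats). The key, nonce and HTTP-like records are constructed. In real TLS the per-record associated data and varying record lengths turn the difference into a higher-degree polynomial whose roots must be found, which is the general case the paper handles.

```python
"""
Added example (not from the paper): GCM nonce-reuse tag forgery in its
simplest form. Toy AES-GCM with BLAKE2b in place of AES so it runs offline;
GF(2^128) arithmetic and GHASH follow NIST SP 800-38D.
Assumptions: two 16-byte records, no associated data, same key and nonce.
"""
import hashlib

ONE = 1 << 127          # multiplicative identity in GCM's reflected bit order
R = 0xE1 << 120         # x^128 + x^7 + x^2 + x + 1, bit-reflected


def gf_mult(x: int, y: int) -> int:
    """Multiply two GF(2^128) elements with GCM's bit ordering (SP 800-38D, Alg. 1)."""
    z, v = 0, x
    for i in range(128):
        if (y >> (127 - i)) & 1:
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1
    return z


def gf_pow(x: int, e: int) -> int:
    """Square-and-multiply exponentiation in GF(2^128)."""
    result, base = ONE, x
    while e:
        if e & 1:
            result = gf_mult(result, base)
        base = gf_mult(base, base)
        e >>= 1
    return result


def gf_inv(x: int) -> int:
    return gf_pow(x, (1 << 128) - 2)   # x^(2^128 - 2) = x^-1


def gf_sqrt(x: int) -> int:
    # Squaring is a bijection (Frobenius) in GF(2^128); its inverse is x^(2^127).
    return gf_pow(x, 1 << 127)


def ghash(h: int, ct: bytes) -> int:
    """GHASH over the ciphertext only (no AAD), including the length block."""
    assert len(ct) % 16 == 0
    y = 0
    for i in range(0, len(ct), 16):
        y = gf_mult(y ^ int.from_bytes(ct[i:i + 16], "big"), h)
    length_block = len(ct) * 8      # (AAD bits = 0) << 64 | ciphertext bits
    return gf_mult(y ^ length_block, h)


class ToyGCM:
    """GCM structure with BLAKE2b standing in for AES (constructed stand-in):
    H is fixed per key; the mask S = E_K(J0) and the keystream are fixed per
    (key, nonce). Reusing the nonce therefore reuses S and the keystream."""

    def __init__(self, key: bytes):
        self.key = key
        self.h = int.from_bytes(hashlib.blake2b(key, digest_size=16).digest(), "big")

    def _per_nonce(self, nonce: bytes):
        d = hashlib.blake2b(self.key + nonce, digest_size=32).digest()
        return int.from_bytes(d[:16], "big"), d[16:]   # (S, one keystream block)

    def encrypt(self, nonce: bytes, pt: bytes):
        s, ks = self._per_nonce(nonce)
        ct = bytes(a ^ b for a, b in zip(pt, ks))
        return ct, ghash(self.h, ct) ^ s

    def verify(self, nonce: bytes, ct: bytes, tag: int) -> bool:
        s, _ = self._per_nonce(nonce)
        return ghash(self.h, ct) ^ s == tag


def recover_h_and_s(c1: bytes, t1: int, c2: bytes, t2: int):
    """Two single-block records under one (key, nonce):
    T_i = C_i*H^2 + L*H + S, hence T1 ^ T2 = (C1 ^ C2) * H^2."""
    diff_c = int.from_bytes(c1, "big") ^ int.from_bytes(c2, "big")
    h_sq = gf_mult(t1 ^ t2, gf_inv(diff_c))
    h = gf_sqrt(h_sq)
    s = t1 ^ ghash(h, c1)
    return h, s


def forge(h: int, s: int, ct: bytes) -> int:
    """Tag for an attacker-chosen ciphertext under the same nonce."""
    return ghash(h, ct) ^ s


def demo() -> bool:
    """True if the victim accepts the attacker's forged record."""
    victim = ToyGCM(b"\x11" * 16)       # constructed key, unknown to the attacker
    nonce = b"\x00" * 12                # the bug: one nonce used for two records
    p1, p2 = b"GET /index.html ", b"GET /login.html "
    c1, t1 = victim.encrypt(nonce, p1)
    c2, t2 = victim.encrypt(nonce, p2)

    h, s = recover_h_and_s(c1, t1, c2, t2)

    # Known plaintext p1 lets the attacker rewrite the record to p3 under the
    # reused keystream, then authenticate it with the recovered H and S.
    p3 = b"GET /admin.html "
    c3 = bytes(a ^ b ^ c for a, b, c in zip(c1, p1, p3))
    t3 = forge(h, s, c3)
    return victim.verify(nonce, c3, t3) and victim.encrypt(nonce, p3) == (c3, t3)
```

The attacker never learns the AES key; H and S alone suffice to sign arbitrary records for the reused nonce, which is what "fully breaks the authenticity" means in practice. Recovering H also requires that the two ciphertexts differ, which any two distinct records guarantee.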


Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {198401,
author = {Hanno B{\"o}ck and Aaron Zauner and Sean Devlin and Juraj Somorovsky and Philipp Jovanovic},
title = {{Nonce-Disrespecting} Adversaries: Practical Forgery Attacks on {GCM} in {TLS}},
booktitle = {10th USENIX Workshop on Offensive Technologies (WOOT 16)},
year = {2016},
address = {Austin, TX},
url = {https://www.usenix.org/conference/woot16/workshop-program/presentation/bock},
publisher = {USENIX Association},
month = aug,
}
Download
Böck PDF
View the slides

© USENIX
