Lucky Thirteen attack against implementations of the Transport Layer Security

OWASP 2013-A9 OWASP 2017-A9 OWASP 2021-A6 OWASP PC-C1 CAPEC-310 CWE-310 HIPPA-164.306(a) ISO27001-A.14.1.2 WASC-04 WSTG-CRYP-01

The Lucky Thirteen attack is a famous and one of the dangerous cryptographic timing attack. This attack is used against implementations of the Transport Layer Security (TLS) protocol that uses the CBC (Cipher Block Chaining) mode of operation. The server has a vulnerability that may cause Lucky Thirteen attack against implementations of the Transport Layer Security protocol. This may result in loss of sensitive information. An attacker can perform an attack on the MAC check during the processing of malformed CBC padding. This vulnerability allows an attacker to execute a plaintext-recovery attack using the statistical analysis of the packet’s timing data. This vulnerability is known as “Lucky Thirteen” attack. The TLS 1.1 and 1.2 are used in OpenSSL, OpenJDK, PolarSSL and so on. This attack is also possible on SSL 3.0 and TLS 1.0. It is impossible to find if a vulnerable version is active at the endpoint. Thus, all the SSL running CBC cipher were flagged as a potential vulnerability.


An attacker can steal sensitive information using the man in the middle attack. The man in the middle attack is used to sniff the communication. The sniffing process will leak information from the communication channel. The information might include usernames, passwords and so on.

Mitigation / Precaution

Beagle recommends the following impacts:-

  • It is best to disable TLS
  • Upgrade the OpenSSL version.
  • Remove all cipher block chaining ciphers.
  • Try to disable SSL-disable-CBC-ciphers.

Related Articles