Secure Sockets Layer (SSL) is one of the most widely used standard security protocols. This protocol establishes encrypted online communication between a web server and a browser. The SSL technology encrypts the communication channel through which all data is transmitted between the web server and the browser. An SSL connection can be established using a valid SSL certificate. To activate an SSL certificate, the admin must give valid information about the application. When a certificate is issued, two cryptographic keys are generated:-
An SSL certificate contains information about the application, such as the domain name, company name, company address and more. The certificate also shows its expiry date along with details of the issuing Certification Authority (CA). When a browser requests a connection with an SSL-secured website, the browser first gets the site’s SSL certificate to check that it is still valid. Then the browser checks whether the site is verified by a CA that the browser trusts. The browser will warn the user if any of these checks fail.
This protocol is used by almost all online businesses to ensure secure and confidential online transactions. Any web browser can interact with secured sites so long as they have a certificate from a trusted CA.
The following steps represent how an SSL handshake works:-
SSL was first introduced by Netscape.
SSL 2.0 (Secure Sockets Layer 2.0) was first introduced in 1995. This version of SSL is known to have many weaknesses. Due to these vulnerabilities, SSL version 3 was introduced.
SSL 3.0 is the next iteration after SSL 2.0 and was introduced to fix the security flaws present in SSL 2.0. The SSL 3.0 bug lies in the way blocks of data are encrypted under a specific type of encryption algorithm within the SSL protocol. This site supports the outdated SSL 3.0 version, so the POODLE attack can be used against it. An attacker can gain access to sensitive data passed within the encrypted web session. The data includes passwords, cookies and other authentication tokens, and with it the attacker can easily gain more complete access to the website, such as impersonating that user, accessing database contents etc.
SSL is vulnerable to the following attacks:-
POODLE attack: Any site that uses SSL is vulnerable to the POODLE attack. An attacker can gain access to sensitive information from an encrypted web session.
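To confirm which protocol version a server actually selected, the first bytes of its handshake reply can be classified. The Python below is an added example, not part of the original page or of Beagle's tooling; the function names and the sample byte strings are constructed for illustration.

```python
import struct

# Protocol versions as they appear on the wire: (major, minor).
WIRE_VERSIONS = {
    (3, 0): "SSL 3.0",
    (3, 1): "TLS 1.0",
    (3, 2): "TLS 1.1",
    (3, 3): "TLS 1.2 or later",  # TLS 1.3 also sends 3.3 here and names itself in an extension
}
DEPRECATED = {"SSL 2.0", "SSL 3.0"}

# Constructed samples: an SSL 2.0 SERVER-HELLO header and a fatal TLS alert record.
SAMPLE_SSL2 = b"\x80\x0b\x04\x00\x01\x00\x02\x00\x00\x00\x00\x00\x00"
SAMPLE_ALERT = b"\x15\x03\x01\x00\x02\x02\x28"


def negotiated_version(reply: bytes) -> str:
    """Classify the first bytes a server sent back during the handshake."""
    if len(reply) < 5:
        raise ValueError("reply too short to classify")
    # SSL 2.0 record: 2-byte length with the high bit set, then message type 4 (SERVER-HELLO).
    if reply[0] & 0x80:
        if reply[2] != 0x04:
            raise ValueError("SSL 2.0 record is not a SERVER-HELLO")
        return "SSL 2.0"
    content_type, _, _, _ = struct.unpack("!BBBH", reply[:5])
    if content_type == 21:  # alert record: the server rejected what the client offered
        return "refused"
    if content_type != 22 or len(reply) < 11 or reply[5] != 2:
        raise ValueError("not a ServerHello handshake record")
    # Handshake header is type(1) + length(3), so server_version sits at offset 9.
    return WIRE_VERSIONS.get((reply[9], reply[10]), "unknown")


def is_deprecated(reply: bytes) -> bool:
    """True when the server settled on SSL 2.0 or SSL 3.0."""
    return negotiated_version(reply) in DEPRECATED


def sample_server_hello(major: int, minor: int) -> bytes:
    """Constructed ServerHello (zero random, empty session id) used as test input."""
    body = bytes([major, minor]) + bytes(32) + b"\x00" + b"\x00\x35" + b"\x00"
    handshake = b"\x02" + len(body).to_bytes(3, "big") + body
    return bytes([22, major, minor]) + struct.pack("!H", len(handshake)) + handshake


if __name__ == "__main__":
    for reply in (sample_server_hello(3, 0), sample_server_hello(3, 3), SAMPLE_SSL2, SAMPLE_ALERT):
        print(negotiated_version(reply), "DEPRECATED" if is_deprecated(reply) else "ok")
```

A reply classified as "refused" means the server answered with an alert instead of a ServerHello, which is the expected result when a deprecated version is offered to a server that has it disabled.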
Beagle recommends the following fixes:-