The problem lies directly in the TLS specification and affects only connections that use ciphers based on the DH key exchange protocol (Diffie-Hellman, TLS_DH_*). With ECDH ciphers the problem does not occur and they remain secure. Only TLS protocols up to version 1.2 are vulnerable; TLS 1.3 is not affected. The vulnerability arises in TLS implementations that reuse the DH secret key across different TLS connections (this behavior is seen on about 4.4% of Alexa Top 1M servers).
In OpenSSL 1.0.2e and earlier releases, the DH primary key is reused across all server connections unless the SSL_OP_SINGLE_DH_USE option is set explicitly. Since OpenSSL 1.0.2f, the DH primary key is reused when static DH ciphers are used ("DH-*", for example "DH-RSA-AES256-SHA"). The vulnerability does not appear in OpenSSL 1.1.1, since this branch does not use a DH primary key and does not use static DH ciphers.
When the DH key exchange method is used, both sides of the connection generate random private keys (hereafter key "a" and key "b"), from which the public keys (g^a mod p and g^b mod p) are computed and sent. After each party has received the other's public key, a shared primary key (g^ab mod p, the premaster secret) is computed, which is used to generate the session keys. The Raccoon attack makes it possible to determine the primary key through side-channel analysis, based on the fact that the TLS specifications up to version 1.2 require all leading zero bytes of the primary key to be discarded before the computations that involve it.
The truncated primary key is passed to the session key derivation function, which is based on hash functions that take different amounts of time when processing different data. Precisely timing the key operations performed by the server allows the attacker to identify indications (an oracle) that make it possible to judge whether the primary key starts with zero or not. For example, an attacker can intercept the public key (g^a) sent by the client, retransmit it to the server and determine whether the resulting primary key starts with zero.
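The encoding rule described above, as an added illustration (not code from the original article or from OpenSSL): it contrasts the TLS up to 1.2 rule of dropping leading zero bytes with the fixed-width encoding that TLS 1.3 specifies, showing that only the former makes the length of the hash input depend on the secret value. The toy prime, the generator and all function names are assumptions chosen for the example.

```python
import secrets

# Constructed toy parameters (NOT a safe group): p = 2^127 - 1 is a Mersenne
# prime that keeps the demo fast; real TLS groups are 2048 bits or more.
P = 2**127 - 1
G = 3
P_LEN = (P.bit_length() + 7) // 8  # byte length of p (16 here)


def dh_shared(priv: int, peer_pub: int) -> int:
    """Shared value g^(ab) mod p from our private key and the peer's public key."""
    return pow(peer_pub, priv, P)


def premaster_tls12(shared: int) -> bytes:
    """TLS <= 1.2 rule: leading zero bytes of the shared value are dropped."""
    return shared.to_bytes(P_LEN, "big").lstrip(b"\x00")


def premaster_fixed(shared: int) -> bytes:
    """Fixed-width rule: always P_LEN bytes, zero-padded on the left."""
    return shared.to_bytes(P_LEN, "big")


def length_histogram(encode, server_priv: int, handshakes: int) -> dict:
    """Encoded premaster lengths over many client keys against one server key."""
    hist = {}
    for _ in range(handshakes):
        client_priv = secrets.randbelow(P - 2) + 1
        client_pub = pow(G, client_priv, P)
        n = len(encode(dh_shared(server_priv, client_pub)))
        hist[n] = hist.get(n, 0) + 1
    return hist


if __name__ == "__main__":
    server_priv = secrets.randbelow(P - 2) + 1  # one key reused for every handshake
    # With stripping, a small share of handshakes hashes a shorter input;
    # with fixed-width encoding every handshake hashes exactly P_LEN bytes.
    print("stripped:", length_histogram(premaster_tls12, server_priv, 20000))
    print("fixed   :", length_histogram(premaster_fixed, server_priv, 20000))
```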
By itself, determining one byte of the key yields nothing, but by intercepting the value "g^a" transmitted by the client during connection negotiation, the attacker can generate a set of other values related to "g^a" and send them to the server in separate connection negotiation sessions. By generating and sending the values "g^(r_i) * g^a", the attacker can, by analyzing changes in the delays of the server's responses, determine the values that lead to primary keys starting with zero. Having determined such values, the attacker can construct a set of equations for
OpenSSL vulnerability
Additional separate problems are noted (
source: budenet.ru