POODLE Attack Definition & Meaning

A POODLE (Padding Oracle on Downgraded Legacy Encryption) attack is a form of man-in-the-middle attack that takes advantage of a cryptographic weakness in Secure Socket Layer (SSL) version 3.0. Although Internet web server security has been updated to TLS (Transport Layer Security) for years, not all servers support it yet. And if a client’s web server can only use SSL, a session between the two will default to SSL. POODLE attacks take advantage of this fallback and will even trick the web server into switching to SSL protocols if it doesn’t automatically. The server assumes that one of the parties cannot use TLS, when in reality the attacker convinced the server to downgrade.

Once the session is using SSL 3.0, the attacker moves to the encrypted information. SSL ciphers are in blocks and must have a certain byte length. These ciphers are padded with extra bytes if needed to reach that specification. The encrypted information also has a message authentication code (MAC). Because the block cipher is padded to reach the required amount of bytes, the end of the cipher will include the number of bytes padded (04 if four bytes are added for padding, for example). But the server doesn’t check all of the padding except for the last bytes. This presents a security weakness in which any bytes can be substituted in that section of padding.

If an attacker guesses a byte and is wrong, the server will reject their request. Then they know they were wrong and can just continue guessing. It’s relatively easy for an attacker to guess the last bytes of the cipher and then move from there to continue substituting bytes until they reach the correct combination of numbers. Then they can decrypt the cipher and steal the data being transmitted. The attack is called a “padding oracle” attack because it tells an attacker which part of the process they’ve gotten wrong.

Any server connection that is susceptible to man-in-the-middle attacks will also be more vulnerable to POODLE attacks, especially Wi-Fi networks that don’t require passwords. It’s also worth noting that SSL isn’t the only protocol that permits POODLE attacks: even TLS version 1.2 has experienced that weakness.

 

Related Links

 

 

Jenna Phipps
Jenna Phipps
Jenna Phipps is a contributor for websites such as Webopedia.com and Enterprise Storage Forum. She writes about information technology security, networking, and data storage. Jenna lives in Nashville, TN.

Top Articles

Huge List Of Texting and Online Chat Abbreviations

From A3 to ZZZ we list 1,559 text message and online chat abbreviations to help you translate and understand today's texting lingo. Includes Top...

How To Create A Desktop Shortcut To A Website

This Webopedia guide will show you how to create a desktop shortcut to a website using Firefox, Chrome or Internet Explorer (IE). Creating a desktop...

The History Of Windows Operating Systems

Microsoft Windows is a family of operating systems. We look at the history of Microsoft's Windows operating systems (Windows OS) from 1985 to present...

Hotmail [Outlook] Email Accounts

  By Vangie Beal Hotmail is one of the first public webmail services that can be accessed from any web browser. Prior to Hotmail and its...

Supply Chain Definition &...

A supply chain is a network between an organization and its suppliers to...

Relational Database Definition &...

A relational database stores and connects data in tables and columns, emphasizing the...

Common Business-Oriented Language (COBOL)...

What is COBOL? COBOL stands for Common Business-Oriented Language. It is a 60-year-old programming...