search cancel

SSL Visibility version 3.x will not resign a retransmitted TCP packet if a Block Cipher is used

book

Article ID: 173132

calendar_today

Updated On:

Products

SSL Visibility Appliance Software

Issue/Introduction

As per https://en.wikipedia.org/wiki/Block_cipher, a block cipher is a deterministic algorithm operating on fixed-length groups of bits, called a block, with an unvarying transformation that is specified by a symmetric key.

 

Examples of Block Ciphers are CBC (Cipher Block Chaining) and GCM (Galois/Counter Mode).

 

When an SSL endpoint retransmits a lost packet whereby a Block Cipher is used, the exact bitstream is forwarded to the remote endpoint and will result in the packet being undecryptable and rejected by the remote endpoint.

 

An example of this scenario is given in the packet capture below.

No.     Time      Source       Destination  SrtPort DstPort Protocol Info
   4241 83.751000 10.10.10.10  172.22.22.22 35372   443     TCP 35372 → 443 [SYN]
   4242 83.768000 172.22.22.22 10.10.10.10  443     35372   TCP 443 → 35372 [SYN, ACK]
   4243 83.769000 10.10.10.10  172.22.22.22 35372   443     TCP 35372 → 443 [ACK]
   4244 83.770000 10.10.10.10  172.22.22.22 35372   443     TLSv1.2 Client Hello
   4245 83.788000 172.22.22.22 10.10.10.10  443     35372   TLSv1.2 Server Hello
   4246 83.788000 172.22.22.22 10.10.10.10  443     35372   TCP [TCP segment of a reassembled PDU]
   4247 83.788000 172.22.22.22 10.10.10.10  443     35372   TLSv1.2 Certificate, Server Hello Done
   4248 83.790000 10.10.10.10  172.22.22.22 35372   443     TCP 35372 → 443 [ACK]
   4249 83.790000 10.10.10.10  172.22.22.22 35372   443     TCP 35372 → 443 [ACK]
   4252 83.796000 10.10.10.10  172.22.22.22 35372   443     TLSv1.2 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
   4253 83.814000 172.22.22.22 10.10.10.10  443     35372   TCP 443 → 35372 [ACK]
   4254 83.815000 172.22.22.22 10.10.10.10  443     35372   TLSv1.2 Change Cipher Spec
   4255 83.815000 172.22.22.22 10.10.10.10  443     35372   TLSv1.2 Encrypted Handshake Message
   4256 83.816000 10.10.10.10  172.22.22.22 35372   443     TCP 35372 → 443 [ACK]
   4260 83.820000 10.10.10.10  172.22.22.22 35372   443     TCP [TCP segment of a reassembled PDU]
   4263 83.820000 10.10.10.10  172.22.22.22 35372   443     TCP [TCP segment of a reassembled PDU]
   4266 83.822000 10.10.10.10  172.22.22.22 35372   443     TLSv1.2 Application Data[TCP segment of a reassembled PDU]
   4267 83.822000 10.10.10.10  172.22.22.22 35372   443     TLSv1.2 Application Data
   4268 83.839000 172.22.22.22 10.10.10.10  443     35372   TCP 443 → 35372 [ACK]
   4269 83.941000 172.22.22.22 10.10.10.10  443     35372   TCP 443 → 35372 [ACK]
   4270 84.039000 10.10.10.10  172.22.22.22 35372   443     TCP [TCP Retransmission] 35372 → 443 [PSH, ACK]
   4271 84.057000 172.22.22.22 10.10.10.10  443     35372   TCP 443 → 35372 [ACK]
   4272 84.057000 172.22.22.22 10.10.10.10  443     35372   TCP 443 → 35372 [FIN, ACK]
   4273 84.058000 10.10.10.10  172.22.22.22 35372   443     TLSv1.2 Encrypted Alert
   4274 84.058000 10.10.10.10  172.22.22.22 35372   443     TCP 35372 → 443 [FIN, ACK]
   4275 84.075000 172.22.22.22 10.10.10.10  443     35372   TCP 443 → 35372 [ACK]
   4276 84.075000 172.22.22.22 10.10.10.10  443     35372   TCP 443 → 35372 [ACK]
 
Frame 4245: 1434 bytes on wire (11472 bits), 1434 bytes captured (11472 bits)
Secure Sockets Layer
    TLSv1.2 Record Layer: Handshake Protocol: Server Hello
        Content Type: Handshake (22)
        Version: TLS 1.2 (0x0303)
        Length: 85
        Handshake Protocol: Server Hello
            Handshake Type: Server Hello (2)
            Length: 81
            Version: TLS 1.2 (0x0303)
            Random
            Session ID Length: 32
            Session ID: fce78334bb73946480450a5006aa912c7777ac431fe6c3ca...
            Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
            Compression Method: null (0)
            Extensions Length: 9
            Extension: renegotiation_info
            Extension: server_name

Web browsers might receive an HTTP 503 error message.

Cause

SSL Visibility version 3.x does not support resigning of retransmitted TCP packets for Block Ciphers such as, but not limited to, CBC and GCM.

Resolution

If support for resigning of retransmitted TCP packets for Block Ciphers is required, upgrade to SSLV version 4.x.