POODLE: A Critical Vulnerability in the SSL 3.0 Protocol
tl;dr: Duo’s cloud service was fully patched and protected against POODLE within hours of the vulnerability being publicly disclosed Tuesday evening.
Yesterday, researchers from Google disclosed a critical vulnerability in the SSL 3.0 protocol, named POODLE (Padding Oracle On Downgraded Legacy Encryption). Clever backronym aside, the attack outlined in the research allows a man-in-the-middle adversary to inspect and tamper with communications using SSL 3.0 (or a connection maliciously downgraded to 3.0). The attack is similar in nature to BEAST, but has no effective workaround short of disabling the SSL 3.0 protocol in client or server SSL stack implementations.
Throughout the day, like the rest of the Internet, we tracked the rumors of the SSL 3.0 vulnerability. Based on the assessment of the communications surrounding the vulnerability (or lack thereof) by our Duo Labs team, we deemed the rumor to be true with a high likelihood and proactively prepared mitigations for our cloud-hosted two-factor authentication service.
Shortly after the confirmation of the vulnerability by Google Tuesday evening and final analysis from our Labs team, we pushed out mitigations to our production infrastructure to disable the vulnerable SSL 3.0 protocol and only accept TLS 1.0, 1.1, and 1.2 connections. In other words, Duo customers are not at risk due to POODLE.
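One way to confirm that a server you operate refuses SSL 3.0, as the mitigation above requires (an added example, not Duo's code): it sends a bare SSL 3.0 ClientHello and classifies the first record the server returns. The cipher suite list, function names and result labels are assumptions chosen for illustration.

```python
import os
import socket
import struct

# Assumed offer list: CBC and RC4 suites an SSL 3.0 stack would commonly support.
CIPHER_SUITES = [0x002F, 0x0035, 0x000A, 0x0005]
SSL3 = (3, 0)  # protocol version bytes for SSL 3.0

def build_ssl3_client_hello(random_bytes=None):
    """Return a complete SSL 3.0 ClientHello record (no extensions)."""
    if random_bytes is None:
        random_bytes = os.urandom(32)
    suites = b"".join(struct.pack("!H", s) for s in CIPHER_SUITES)
    body = (bytes(SSL3) + random_bytes + b"\x00"      # version, random, empty session id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00")                             # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16" + bytes(SSL3) + struct.pack("!H", len(handshake)) + handshake

def classify_response(data):
    """Classify the first bytes a server sent back after the ClientHello."""
    if len(data) < 5:
        return "refused"            # connection closed before a full record header
    if data[0] == 0x15:
        return "refused"            # alert record (e.g. handshake_failure)
    # Handshake record carrying a ServerHello: server_version sits at offset 9.
    if data[0] == 0x16 and len(data) >= 11 and data[5] == 0x02:
        return "ssl3-accepted" if tuple(data[9:11]) == SSL3 else "other-version"
    return "unknown"

def probe(host, port=443, timeout=5.0):
    """Send the ClientHello to a server you operate and classify its reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_ssl3_client_hello())
        try:
            data = sock.recv(4096)
        except OSError:             # reset or timeout counts as a refusal
            data = b""
    return classify_response(data)
```

A result of `ssl3-accepted` means the endpoint still negotiates SSL 3.0 and needs the protocol disabled; `refused` is the expected outcome once only TLS 1.0, 1.1, and 1.2 are accepted.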
Obviously, this isn't the first time SSL has been impacted by a critical vulnerability, nor will it be the last time. Sadly, our historical timeline detailing SSL/TLS-related vulnerabilities needs to be updated far more frequently than one would hope:
Due to the fragility of these core protocols that most of the Internet depends on for secure communications, we've gone above and beyond to construct our two-factor authentication service to be resilient against and tolerant to failures in SSL/TLS transport security.
In fact, we've designed our Duo Push technology to maintain integrity of our authentication process even when the security properties promised by SSL/TLS are compromised. Back when the Heartbleed vulnerability occurred, I wrote a blog post covering just that:
Heartbleed Defense-in-Depth Part #2: Don't Trust SSL
Beyond Duo, it's very likely that the HTTPS clients and servers across your organization will be affected by the POODLE vulnerability. We've included some resources below for POODLE that may be useful in further understanding the vulnerability and its potential impact on your organization: