There is a theory that the TLS Session ID might mitigate the BEAST attack, and one of the comments at the IETF mention that SSL Accelerators may alter this ID.
Can someone explain to me (or tell me where to go) to understand what an SSL Accelerator may to do to the TLS session that is different than a regular session?
答案1
The notion of an "SSL accelerator" also applies to crypto acceleration cards which support the generation of asymmetric keypairs and / or the symmetric encryption/decryption operations. In this case the acceleration consists purely of algorithmic aid and does not involve protocol specifics (especially no TLS session IDs).
As for the other part of the question, the BEAST attack is surely not prevented by the use of session IDs instead of cookies. Although there can't be cookie theft if the cookie is tied to the session ID, the attack itself is still usable to sniff on other connection data. The only对抗 BEAST 攻击的方法是放弃 TLS 1.0 并仅使用较新版本的协议 - 或者使用 CBC(一种特殊的分组密码编码)禁用 TLS 1.0 的所有分组密码 - 这意味着禁用所有分组密码并留下 RC4(这是一种流密码,因此不需要使用以前的编码)作为唯一可用的密码。
答案2
SSL 加速器通常的工作原理如下:
客户端<-SSL->加速器<-HTTP->服务器
这意味着服务器不必处理 SSL 的开销。但这也意味着 SSL 会话的详细信息对服务器是不可见的。理论上,加速器可以向 HTTP 请求添加一个标头,其中包含 HTTP 会话独有的标识符,但我不知道有任何加速器真正做到这一点。