SSL key was successfully stolen from the CloudFlare contest server

On April 11, CloudFlare researchers published an article in the blog “ Answering the Critical Question: Can You Get Private SSL Keys Using Heartbleed? In which they wondered if it was possible to extract private keys using the acclaimed Heartbleed vulnerability. An attempt to extract a private key from the server’s RAM was not successful. As a result, the researchers concluded that theft of SSL certificates using Heartbleed is unlikely:

We believe that theft of private keys on most NGINX servers is at least extremely difficult and probably impossible. We are sure that even when using Apache, which we believe may be a little more vulnerable, and which we don’t use in CloudFlare, the probability of SSL-keys being revealed using the Heartbleed vulnerability is extremely small. This is one of the few good news for this week.

Several online media have already replicated this study ( example ) and based on it confidently stated that the theft of private keys using Heartbleed is impossible. As it turned out, CloudFlare researchers were wrong.



Representatives of CloudFlare decided to appeal to the hacker community. About twelve hours ago, at Hacker News, third parties not officially associated with CloudFlare even made a reward of 10,000 dollars for the first successful fulfillment of competitive conditions . Participants were asked to extract private keys from a specially created for this server, accessible by the domain name cloudflarechallenge.com , and publish details of the solution to the problem. Nginx-1.5.13 and OpenSSL 1.0.1.f was launched on the server under the control of Ubuntu 13.10 x86_64.



A few hours ago one appeared, and then the second winner. The first task coped with Muscovite Fedor Indutny ( donnerjack13589 ). To do this, it took 2.5 million requests (this was almost a third of all requests) and only 3 hours . Fedor even offered to configure the parameters of the hosts file to redirect the domain name cloudflarechallenge.com to his server to demonstrate possession of a private key using an HTTPS connection. The second with a delay of 50 minutes was Ilkka Mattila from the National Center for Computer Protection of Finland with 100 thousand requests.

')

Thus, even after fixing the Heartbleed vulnerability, there is a non-zero likelihood of attacks using a previously stolen private key before it is updated. The results of the competition also refute the study CloudFlare. Apparently, the details of the decision and conclusions will be published soon.