A team of specialists has published a description of a theoretical TLS attack that can be used to decrypt HTTPS connections and read traffic. However, the researchers admit that the Raccoon attack is theoretical and extremely difficult to execute.
Raccoon is a classic timing attack, that is, a side-channel attack in which an attacker tries to compromise a system by analyzing the time it takes to execute certain cryptographic algorithms. In the case of Raccoon, the attacker observes the Diffie-Hellman key exchange in order to recover several bytes of information.
"This helps an attacker create a system of equations and then use a Hidden Number Problem (HNP) solver to compute the pre-master secret between the client and server," the researchers said.
All servers that use the Diffie-Hellman protocol for key exchange in TLS connections (TLS 1.2 and below) are vulnerable to this problem. The vulnerability also affects DTLS. Only TLS 1.3 was considered safe by experts.
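To check whether a server's cipher configuration still offers Diffie-Hellman key exchange below TLS 1.3, the following added example (not code from the researchers or any vendor) expands an OpenSSL cipher string with the local OpenSSL build and lists the matching suites. It assumes that "Diffie-Hellman" here means the finite-field DHE suites, which OpenSSL reports as `kx-dhe`; elliptic-curve suites are not flagged, and the function name and sample strings are constructed for illustration.

```python
import ssl


def dh_suites(cipher_string):
    """Return the finite-field DH suites that an OpenSSL cipher string enables.

    The string is expanded by the OpenSSL build Python is linked against, so
    the result reflects what that library would actually offer.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ciphers(cipher_string)
    except ssl.SSLError as exc:
        raise ValueError(f"cipher string selects nothing: {cipher_string!r}") from exc

    flagged = []
    for suite in ctx.get_ciphers():
        # TLS 1.3 suites are always listed regardless of the cipher string;
        # the page treats TLS 1.3 as safe, so they are skipped.
        if suite["protocol"] == "TLSv1.3":
            continue
        # 'kea' is the key-exchange algorithm: 'kx-dhe' and 'kx-dhepsk' are
        # finite-field DH, 'kx-ecdhe' is elliptic-curve and is not matched.
        if suite.get("kea", "").startswith("kx-dhe"):
            flagged.append(suite["name"])
    return flagged


# Constructed sample configurations, not taken from any real server.
SAMPLES = {
    "ecdhe-only": "ECDHE+AESGCM",
    "mixed": "DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256",
    "broad": "HIGH:!aNULL",
}

if __name__ == "__main__":
    for label, cipher_string in SAMPLES.items():
        hits = dh_suites(cipher_string)
        status = "offers DH key exchange" if hits else "no DH key exchange"
        print(f"{label:11s} {status}: {', '.join(hits) or '-'}")
```

An empty result for the deployed cipher string means the server no longer negotiates the key exchange the attack depends on for TLS 1.2 and below.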
The Raccoon attack must be done on the server side and cannot be performed from the client side, for example through browsers. In addition, the attack must be performed on every single client-server connection and cannot be used to recover the server's private key and decrypt all connections at the same time.
As mentioned above, the Raccoon attack is extremely difficult to implement in practice. Researchers believe that real hackers would rather use other, simpler and more effective attack vectors than Raccoon.
And although the authors call their attack theoretical, some vendors have nevertheless released patches to protect against Raccoon, among them: Microsoft (CVE-2020-1596), Mozilla, OpenSSL (CVE-2020-1968) and F5 Networks (CVE-2020-5929).