Wilders Security Forums  

  #1  
Old September 7th, 2012, 09:50 AM
lotuseclat79 lotuseclat79 is offline
Very Frequent Poster
 
Join Date: Jun 2005
Posts: 1,915
Default BEAST creators develop new SSL attack

BEAST creators develop new SSL attack.

Quote:
Security researchers...are preparing to present a new attack on SSL/TLS at the Ekoparty Security Conference in Argentina later this month, according to Threatpost. The new attack has been given the name CRIME by the researchers.

-- Tom
  #2  
Old September 11th, 2012, 12:40 PM
lotuseclat79 lotuseclat79 is offline
Very Frequent Poster
 
Join Date: Jun 2005
Posts: 1,915
Default How can you protect yourself from CRIME, BEAST’s successor?

How can you protect yourself from CRIME, BEAST’s successor?.

The post (above link) discusses an excellent hypothetical way to defend against the attack which prompted various modifications (see comments in linked article above) in several products prior to the actual release of the CRIME attack at a conference later this month in Argentina.

-- Tom
  #3  
Old September 13th, 2012, 08:11 AM
EncryptedBytes EncryptedBytes is offline
Frequent Poster
 
Join Date: Feb 2011
Location: Odenton, Maryland
Posts: 416
Default SSL/TLS compression exploit disclosed

(http://security.stackexchange.com/qu...or/19914#19914)

Quote:
This attack is supposed to be presented in 10 days from now, but my guess is that they use compression.

SSL/TLS optionally supports data compression. In the ClientHello message, the client states the list of compression algorithms that it knows of, and the server responds, in the ServerHello, with the compression algorithm that will be used. Compression algorithms are specified by one-byte identifiers, and TLS 1.2 (RFC 5246) defines only the null compression method (i.e. no compression at all). Other documents specify compression methods, in particular RFC 3749 which defines compression method 1, based on DEFLATE, the LZ77-derivative which is at the core of the GZip format and also modern Zip archives. When compression is used, it is applied on all the transferred data, as a long stream. In particular, when used with HTTPS, compression is applied on all the successive HTTP requests in the stream, header included. DEFLATE works by locating repeated subsequences of bytes.
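
The negotiation described in the quoted answer, as an added example that is not part of the original post or the quoted answer: a Python parser that reads the one-byte compression method identifiers from a ClientHello or ServerHello and reports any non-null method, which is what a defender looks for when confirming that TLS compression is disabled. The function names and the sample handshake bytes are constructed for illustration.

```python
# Added example: audit TLS hello messages for non-null compression.
# Method ids: 0 = null (RFC 5246), 1 = DEFLATE (RFC 3749).
METHODS = {0: "null", 1: "DEFLATE"}
CLIENT_HELLO, SERVER_HELLO = 1, 2

def _vector(buf, pos, len_bytes):
    """Read a length-prefixed TLS vector; return (contents, next_pos)."""
    if pos + len_bytes > len(buf):
        raise ValueError("truncated length field")
    end = pos + len_bytes + int.from_bytes(buf[pos:pos + len_bytes], "big")
    if end > len(buf):
        raise ValueError("truncated vector")
    return buf[pos + len_bytes:end], end

def compression_methods(handshake):
    """ClientHello -> list of offered ids; ServerHello -> [chosen id]."""
    if len(handshake) < 4:
        raise ValueError("truncated handshake header")
    msg_type, body = handshake[0], handshake[4:]
    if len(body) != int.from_bytes(handshake[1:4], "big"):
        raise ValueError("length field does not match message size")
    _, pos = _vector(body, 2 + 32, 1)        # skip version, random, session_id
    if msg_type == CLIENT_HELLO:
        _, pos = _vector(body, pos, 2)       # skip cipher_suites
        methods, _ = _vector(body, pos, 1)   # compression_methods list
        return list(methods)
    if msg_type == SERVER_HELLO:
        pos += 2                             # skip the chosen cipher_suite
        if pos >= len(body):
            raise ValueError("truncated ServerHello")
        return [body[pos]]
    raise ValueError("not a ClientHello or ServerHello")

def non_null_methods(handshake):
    """Names of compression methods other than null; empty list means OK."""
    return [METHODS.get(m, "unknown(%d)" % m)
            for m in compression_methods(handshake) if m != 0]

def _hello(msg_type, tail):
    """Build a constructed hello: TLS 1.2 version, zero random, empty session_id."""
    body = b"\x03\x03" + bytes(32) + b"\x00" + tail
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

# Constructed sample messages (not captured traffic).
CLIENT_OFFERS_DEFLATE = _hello(CLIENT_HELLO, b"\x00\x02\x00\x2f" + b"\x02\x01\x00")
SERVER_PICKS_DEFLATE = _hello(SERVER_HELLO, b"\x00\x2f" + b"\x01")
SERVER_PICKS_NULL = _hello(SERVER_HELLO, b"\x00\x2f" + b"\x00")

if __name__ == "__main__":
    for name in ("CLIENT_OFFERS_DEFLATE", "SERVER_PICKS_DEFLATE", "SERVER_PICKS_NULL"):
        print(name, non_null_methods(globals()[name]) or "null only")
```

An empty result for the ServerHello means the session runs with the null method, whatever the client offered.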

  #4  
Old September 13th, 2012, 06:32 PM
funkydude funkydude is offline
Massive Poster
 
Join Date: Apr 2004
Posts: 5,998
Default Re: BEAST creators develop new SSL attack

Here is where I am glad that MS isn't supporting Google's "great" new SPDY protocol as IE is immune to the attack. When it comes to encryption new proposals should be rigorously tested, not rushed out before it's even a standard.

Still annoyed at the lack of pushing TLS 1.2 though... so depressing that still only IE and Opera support it.
__________________
OpenDNS with DNSCrypt

SSD: Windows 8 Pro x64 | IE10 (Enhanced Protected Mode) & Fanboy's TPLs
HDD: Xubuntu 12.04 LTS (x64) | Firefox: ABP(Fanboy's list) & HTTPS Everywhere
  #5  
Old September 14th, 2012, 07:47 PM
lotuseclat79 lotuseclat79 is offline
Very Frequent Poster
 
Join Date: Jun 2005
Posts: 1,915
Default Re: BEAST creators develop new SSL attack

Some thoughts on the CRIME attack.

The above linked post is from the Tor project perspective.

-- Tom
  #6  
Old September 18th, 2012, 09:36 AM
lotuseclat79 lotuseclat79 is offline
Very Frequent Poster
 
Join Date: Jun 2005
Posts: 1,915
Default Re: BEAST creators develop new SSL attack

Many ways to break SSL with CRIME attacks, experts warn.

Quote:
Despite browser fixes, disabling SSL compression on servers may be best defense.

-- Tom
  #7  
Old October 20th, 2012, 07:08 AM
lotuseclat79 lotuseclat79 is offline
Very Frequent Poster
 
Join Date: Jun 2005
Posts: 1,915
Default Re: BEAST creators develop new SSL attack

Internet architects mull changes to fight SSL-busting CRIME attacks.

Quote:
IETF proposes change to long-standing practice of compressing encrypted data.

-- Tom
 
