Saturday, August 10, 2013

BREACH Attack: Plucking secrets from HTTPS protected pages

Last week, a new type of attack, BREACH, abbreviation for Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext, was announced. This attack enables the attacker to pluck email addresses, social security numbers, certain types of security tokens out of we pages sent over HTTPS links - which use either transport layer security (TLS) and secure sockets layer (SSL) protocols.
Many more details can be found in: Gone in 30 seconds: New attack plucks secrets from HTTPS-protected pages.

How do you stop these attacks? Some proposals can be found in: How do you stop HTTPS-defeating BREACH attacks? Let us count the ways.

How does BREACH work?

- BREACH exploits the standard deflate algorithm websites use when sending compressed pages. Attackers who are able to passively monitor the Web traffic and send modified requests on behalf of the victim can glean clues about the plain text included in the encrypted data streams. By making educated guesses, including them in requests sent to the Web server, and comparing the size of the compressed responses, they can extract encrypted secrets in as little as 30 seconds using a few thousand requests.

Here is white paper on the attack, in PDF form: BREACH: REVIVING THE CRIME ATTACK.


Posts a comment

© 2013CKN Tech | 2013 Templates
Designed by Chandrakant Nial
Back to top