
Re: Some general thought on CRIME and Compression and Headers

From: Martin Thomson <martin.thomson@gmail.com>
Date: Wed, 16 Jan 2013 16:55:08 -0800
Message-ID: <CABkgnnWATOo79mxcb6tO=CUT6k0Vh0YapAB1SrV8dMnLLAKBkw@mail.gmail.com>
To: James M Snell <jasnell@gmail.com>
Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>

On 11 January 2013 11:45, James M Snell <jasnell@gmail.com> wrote:
> First of all, it is good to consider what the CRIME attack actually is.
> Generally, if we have a block of header data that contains a mix of static
> sensitive data (such as a session cookie) and attacker-provided dynamic
> data, the attacker can repeatedly analyze the size of the compressed block
> of data using different dynamic data values until the sensitive data is
> successfully reverse-engineered.

I'm not sure that this is the best characterization of the problem.
CRIME relies on there being state established by previous requests
that can be exposed by altering requests and observing how that
affects the size of requests (or responses).  The specific attack in
question used cookies because they are both easy and high-value.

As Roberto notes, knowing what is and isn't sensitive is
near-impossible.  Of course, using this definition you could say that
it is still possible to use the delta-encoding to mount a similar
attack, except for the fact that it is grossly inefficient to do so
because the space you have to search to interrogate the space is much
larger ... to the point that the attack would be no better than a
straight guessing game.

--Martin

Received on Thursday, 17 January 2013 00:55:37 GMT
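The length oracle described in the reply above, and the reason a delta encoding that only references whole header fields turns it into a guessing game, as an added example that is not part of the original message and is not code from any HTTP/2 or SPDY implementation. Everything in it is constructed: the cookie value, the header layout, the attacker-controlled x-attacker header, a greedy LZ77 token count standing in for deflate, and a toy delta encoder that indexes whole previously-seen values.

```python
"""Toy CRIME length oracle: byte-at-a-time recovery against an LZ77-style
compressor, and the same attack stalling against a whole-value delta encoder.

Constructed example, not code from the thread or from any HTTP/2 or SPDY
implementation.  The cookie value, header layout and both encoders are
assumptions chosen so the size signal is deterministic.
"""

SECRET = "7f3a9c"              # constructed session id the attacker wants
COOKIE_PREFIX = "sessionid="   # assumed known to the attacker (cookie name)
HEX = "0123456789abcdef"       # assumed alphabet of the secret


def request(path: str, cookie: str) -> str:
    """Header block as sent: the attacker picks the path, the browser adds the cookie."""
    return (f"GET /{path} HTTP/1.1\r\n"
            f"Host: example.com\r\n"
            f"Cookie: {cookie}\r\n\r\n")


def lz_tokens(s: str, min_match: int = 3) -> int:
    """Greedy LZ77 cost model standing in for deflate: every literal byte and
    every back-reference costs one token, so a longer match means a smaller
    block.  Real deflate adds Huffman coding and byte granularity, which blur
    this signal (attacks pad around it) but do not remove it."""
    i = tokens = 0
    while i < len(s):
        best = 0
        for j in range(i):                   # unbounded window
            n = 0
            while i + n < len(s) and s[j + n] == s[i + n]:
                n += 1
            best = max(best, n)
        i += best if best >= min_match else 1
        tokens += 1
    return tokens


def delta_size(fields, seen=()) -> int:
    """Toy delta encoder: a field whose whole value already appeared (earlier
    in this block, or in `seen`, the state left by earlier requests) costs 1
    byte (an index); anything else is sent literally.  Deliberately
    attacker-friendly: it ignores the field name, so a matching value
    anywhere is enough to get the short encoding."""
    table = set(seen)
    size = 0
    for name, value in fields:
        size += 1 if value in table else 1 + len(name) + len(value)
        table.add(value)
    return size


def lz_oracle(guess: str) -> int:
    """Size the attacker observes when the guess travels in the path."""
    return lz_tokens(request(guess, COOKIE_PREFIX + SECRET))


def delta_oracle(guess: str) -> int:
    """Size the attacker observes when the guess travels in an assumed
    attacker-controlled header and the cookie is a separate field."""
    fields = [("x-attacker", guess),
              ("host", "example.com"),
              ("cookie", COOKIE_PREFIX + SECRET)]
    return delta_size(fields)


def crime_recover(oracle, known: str, length: int, alphabet: str = HEX):
    """Extend `known` one byte per round, keeping the guess that makes the
    encoded block smallest.  Returns (recovered, complete); complete is False
    as soon as a round has no unique smallest size, i.e. the oracle leaks
    nothing about the next byte."""
    for _ in range(length):
        sizes = {c: oracle(known + c) for c in alphabet}
        smallest = min(sizes.values())
        winners = [c for c, n in sizes.items() if n == smallest]
        if len(winners) != 1:
            return known, False
        known += winners[0]
    return known, True


if __name__ == "__main__":
    got, ok = crime_recover(lz_oracle, COOKIE_PREFIX, len(SECRET))
    print("LZ77-style:", got, "complete" if ok else "stuck",
          "using at most", len(HEX) * len(SECRET), "queries")
    got, ok = crime_recover(delta_oracle, COOKIE_PREFIX, len(SECRET))
    print("delta:", got, "complete" if ok else "stuck;",
          "only a whole-value hit shrinks the block, search space",
          len(HEX) ** len(SECRET))
    print("delta sizes, partial vs whole guess:",
          delta_oracle(COOKIE_PREFIX + SECRET[:-1]),
          delta_oracle(COOKIE_PREFIX + SECRET))
```

Against the LZ77-style oracle each round has exactly one guess that extends the back-reference by a byte, so the whole value falls in at most alphabet size times length queries. Against the delta oracle every partial guess costs the same, and the block only shrinks once the entire value is right, so the attacker is back to alphabet size to the power of length tries, which is the "straight guessing game" of the reply. The delta model here is more generous to the attacker than a scheme that also requires the field name to match; with that requirement the attacker-controlled field could never be indexed against the cookie at all.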
