[ALUG] A new hacking technique
Andreas Tauscher
ta at lonestar-bbs.de
Wed Aug 7 23:53:31 EAT 2013
Am 07.08.2013 23:19, schrieb Ismail Settenda:
> Sounds like english.....but not sure whether its /Schnaps/ speaking or
> Snoop doggy dog is in da house. . .;-)
> Easiest countermeasure: Disabling http compression.
This attack is a side channel attack. Not new, but simplified and made
more efficient. Not SSL/TLS is cracked.
Compressed data is smaller than uncompressed and the reduction depends
on the content. You can guess the real content if you know what you are
looking for. You need several thousand samples, and then comparing them.
You can simply guess. That's in basic all.
On uncompressed traffic this is not possible. Also adding some random
bytes to the secret will make this attack impossible. Because the
compressed information will have always a different length.
Rate limiting will also make this attack more difficult because it will
need a long time to get enough samples.
Andreas
More information about the Linux
mailing list