'CRIME' attack abuses SSL/TLS data compression feature to hijack HTTPS sessions

SSL/TLS data compression leaks information that can be used to decrypt HTTPS session cookies, researchers say

By Lucian Constantin, IDG News Service |  Security

Support for TLS compression among websites is pretty widespread. Forty-two percent of servers tracked by SSL Pulse -- a project that monitors SSL/TLS implementations on the world's top 180,000 HTTPS-enabled websites -- support compression, Ivan Ristic, director of engineering at security vendor Qualys, said Thursday.

However, the level of support for TLS or SPDY compression is not very good on the client side, Ristic said. One source of data suggested that 10 percent of clients support TLS compression, he said.

In order for the CRIME attack to work, both the server and the client need to support the compression feature.
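The client half of that condition is visible on the wire, because a TLS ClientHello lists the compression methods the client offers. The sketch below is an added example, not code from the article or the researchers: it parses a ClientHello record and reports whether DEFLATE (method 1, RFC 3749) is offered. The function names and the constructed sample bytes are assumptions made for illustration.

```python
import struct

# TLS compression method IDs: 0 = null, 1 = DEFLATE (RFC 3749)
DEFLATE = 1


def offered_compression(record):
    """Return the compression method IDs offered in a TLS ClientHello record."""
    if len(record) < 5 or record[0] != 22:          # 22 = handshake record
        raise ValueError("not a TLS handshake record")
    (rec_len,) = struct.unpack("!H", record[3:5])
    body = record[5:5 + rec_len]
    if len(body) < rec_len or len(body) < 4 or body[0] != 1:   # 1 = ClientHello
        raise ValueError("not a complete ClientHello")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    if len(hello) < hs_len:
        raise ValueError("truncated ClientHello")
    try:
        pos = 2 + 32                                 # client_version + random
        pos += 1 + hello[pos]                        # session_id
        (cs_len,) = struct.unpack_from("!H", hello, pos)
        pos += 2 + cs_len                            # cipher_suites
        count = hello[pos]
        methods = hello[pos + 1:pos + 1 + count]
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello") from None
    if count == 0 or len(methods) != count:
        raise ValueError("truncated compression_methods")
    return list(methods)


def offers_deflate(record):
    """True if the client is willing to negotiate TLS-level DEFLATE."""
    return DEFLATE in offered_compression(record)


def build_sample_client_hello(methods):
    """Constructed sample: TLS 1.2 hello, one cipher suite, no extensions."""
    hello = (b"\x03\x03" + bytes(32) + b"\x00"       # version, random, empty session_id
             + b"\x00\x02\xc0\x2f"                   # one cipher suite
             + bytes([len(methods)]) + methods)
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


if __name__ == "__main__":
    for label, methods in (("legacy client", b"\x01\x00"), ("patched client", b"\x00")):
        record = build_sample_client_hello(methods)
        print(label, offered_compression(record), "DEFLATE offered:", offers_deflate(record))
```

A client that offers only method 0 cannot negotiate TLS compression regardless of what the server supports.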

Internet Explorer never supported TLS compression or SPDY. Mozilla Firefox only supports SPDY, but compression was removed in Firefox 15, so the latest stable version of the browser is now protected against CRIME, Rizzo said.

Google Chrome supported both TLS compression and SPDY compression, but the features were removed from the latest version.

It's not yet clear if the Android versions of Chrome and Firefox have been patched.

Ristic believes that in the case of CRIME, the problem is not very serious because compression can easily be disabled both on clients and servers by applying patches.

BEAST -- a different attack against SSL/TLS developed by Rizzo and Duong last year -- is potentially more dangerous than CRIME because it can't be fixed with a patch, Ristic said. You have to fix it manually, he said.

According to SSL Pulse data, more than 70 percent of the world's top 180,000 HTTPS-enabled websites are still vulnerable to BEAST, Ristic said.

"Gmail and Twitter use SPDY, Dropbox and Yahoo Mail use TLS compression," Rizzo said. "We contacted Dropbox and they disabled compression yesterday."

In the future SPDY can be redesigned to use compression but avoid CRIME attacks, Rizzo said. In fact, Google has already developed a solution for this, he said.

"TLS compression could be enabled for some application protocols but enabling it for HTTP is problematic," Rizzo said.
