Re: [tcmtf] Security Threat: Compression Ratio Info-leak Made Easy (CRIME)

"Jose Saldana" <jsaldana@unizar.es> Thu, 20 June 2013 13:47 UTC

Return-Path: <jsaldana@unizar.es>
X-Original-To: tcmtf@ietfa.amsl.com
Delivered-To: tcmtf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0385021F9CD3 for <tcmtf@ietfa.amsl.com>; Thu, 20 Jun 2013 06:47:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.5
X-Spam-Level:
X-Spam-Status: No, score=-6.5 tagged_above=-999 required=5 tests=[AWL=0.099, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QpT5Bans8PUP for <tcmtf@ietfa.amsl.com>; Thu, 20 Jun 2013 06:47:45 -0700 (PDT)
Received: from huecha.unizar.es (huecha.unizar.es [155.210.1.51]) by ietfa.amsl.com (Postfix) with ESMTP id 4B23021F9CCD for <tcmtf@ietf.org>; Thu, 20 Jun 2013 06:47:44 -0700 (PDT)
Received: from usuarioPC (gtc1pc12.cps.unizar.es [155.210.158.17]) by huecha.unizar.es (8.13.8/8.13.8/Debian-3) with ESMTP id r5KDldRk015799; Thu, 20 Jun 2013 15:47:39 +0200
From: "Jose Saldana" <jsaldana@unizar.es>
To: "'Martin Stiemerling'" <martin.stiemerling@neclab.eu>, <tcmtf@ietf.org>
References: <51C2B996.2060904@neclab.eu>
In-Reply-To: <51C2B996.2060904@neclab.eu>
Date: Thu, 20 Jun 2013 15:47:42 +0200
Organization: Universidad de Zaragoza
Message-ID: <014301ce6dbc$bd0b0ba0$372122e0$@unizar.es>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQFrMO3VStiEqwQ1NQm/OS19NisibpoFFjoA
Content-Language: es
X-Mail-Scanned: Criba 2.0 + Clamd & Bogofilter
Subject: Re: [tcmtf] Security Threat: Compression Ratio Info-leak Made Easy (CRIME)
X-BeenThere: tcmtf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: jsaldana@unizar.es
List-Id: "Tunneling Compressed Multiplexed Traffic Flows \(TCMTF\) discussion list" <tcmtf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcmtf>, <mailto:tcmtf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcmtf>
List-Post: <mailto:tcmtf@ietf.org>
List-Help: <mailto:tcmtf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcmtf>, <mailto:tcmtf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jun 2013 13:47:50 -0000

Hi, Martin.

I have been reading about the CRIME security exploit, but I think it only
affects if you compress the payload of the packet. What we are planning in
TCMTF is compressing headers in a certain network segment. After that, the
packet is rebuilt to its native form, so the packet arriving to the server
(or to the web browser) will have the same header it had when it was sent.
If you change the header, the packet does not arrive there.

Today we have discussed some security issues here. I hope we will send some
ideas to the list soon.

Thanks!

Jose

> -----Mensaje original-----
> De: tcmtf-bounces@ietf.org [mailto:tcmtf-bounces@ietf.org] En nombre de
> Martin Stiemerling
> Enviado el: jueves, 20 de junio de 2013 10:13
> Para: tcmtf@ietf.org
> Asunto: [tcmtf] Security Threat: Compression Ratio Info-leak Made Easy
> (CRIME)
> 
> Hi all,
> 
> My fellow Security AD just pointed me to the following security threat
that
> might also applicable in the case of tcmtf:
> Compression Ratio Info-leak Made Easy (CRIME), see [1].
> 
> Just to let you know for your considerations.
> 
>    Martin
> 
> [1] http://en.wikipedia.org/wiki/CRIME_%28security_exploit%29
> 
> 
> --
> martin.stiemerling@neclab.eu
> 
> NEC Laboratories Europe
> NEC Europe Limited
> Registered Office:
> Athene, Odyssey Business Park, West End  Road, London, HA4 6QE, GB
> Registered in England 2832014
> _______________________________________________
> tcmtf mailing list
> tcmtf@ietf.org
> https://www.ietf.org/mailman/listinfo/tcmtf