30 Seconds to Penetrate HTTPS Using BREACH

Another security protocol has been compromised.  Security researchers Angelo Prado, Neal Harris and Yoel Gluck demonstrated it takes less than a minute to successfully compromise the security in HTTPS, well compressed HTTPS.  It is called BREACH and is in the same family as the CRIME attack that surfaced last year. See http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4929 for more info on CRIME.

BREACH currently does not have solution to fix the vulnerability and has resulted in the following CERT advisory:  http://www.kb.cert.org/vuls/id/987798.

BREACH works when an attacker is able to observe the length of a compressed HTTPS response under the following conditions(according to the CERT advisory):

1.   HTTPS-enabled endpoint (ideally with stream ciphers like RC4, although the attack can be made to work with adaptive padding for block ciphers).
2.   The attacker must be able to measure the size of HTTPS responses.
3.   Use of HTTP-level compression (e.g. gzip).
4.   A request parameter that is reflected in the response body.
5.   A static secret in the body (e.g. CSRF token, sessionId, VIEWSTATE, PII, etc.) that can be bootstrapped (either first/last two characters are predictable and/or the secret is padded with something like KnownSecretVariableName=””.
6.   An otherwise static or relatively static response. Dynamic pages do not defeat the attack, but make it much more expensive.

There are some suggestions in the CERT advisory as to how to protect or at least mitigate some of the risk of this vulnerability, however, there is currently no practical work around that fixes this vulnerability.

Post by Protocol 46