Re: the "crime" attack on TLS

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: the "crime" attack on TLS

From:	Tim Ruehsen
Subject:	Re: the "crime" attack on TLS
Date:	Thu, 13 Sep 2012 13:49:34 +0200
User-agent:	KMail/1.13.7 (Linux/3.2.0-3-amd64; KDE/4.8.4; x86_64; ; )

Am Thursday 13 September 2012 schrieb Nikos Mavrogiannopoulos:
> 
> * How to mitigate the attack?
> 1. Do not enable compression (gnutls' doesn't enable it by default)
> 2. When using compression use the CBC ciphers that include a random
> padding up to 255 bytes. That would increase the number of trials an
> attacker needs to perform significantly.
> 3. Make sure that even if you must mix adversary-controlled data with
> sensitive data, that the adversary cannot trigger that multiple times.

Thank you for the information.

OpenSSL doesn't enable compression by default either.

Wget seems to be clean with GnuTLS and OpenSSL - compression is not enabled 
with GnuTLS nor with OpenSSL.

Regards, Tim

[Prev in Thread]

Current Thread

[Next in Thread]

the "crime" attack on TLS, Nikos Mavrogiannopoulos, 2012/09/13
- Re: the "crime" attack on TLS, Tim Ruehsen <=
- Re: the "crime" attack on TLS, Alfredo Pironti, 2012/09/13
- Re: the "crime" attack on TLS, Nikos Mavrogiannopoulos, 2012/09/14
  - Re: the "crime" attack on TLS, Phil Pennock, 2012/09/14
    - Re: the "crime" attack on TLS, Nikos Mavrogiannopoulos, 2012/09/15

Prev by Date: the "crime" attack on TLS
Next by Date: Re: Documentation on W32
Previous by thread: the "crime" attack on TLS
Next by thread: Re: the "crime" attack on TLS
Index(es):
- Date
- Thread