CRIME Attack Uses Compression Ratio of TLS Requests as Side Channel to Hijack Secure Sessions
The new attack on TLS developed by researchers Juliano Rizzo and Thai Duong takes advantage of an information leak in the compression ratio of TLS requests, using it as a side channel to decrypt the requests made by the client to the server. This, in turn, allows them to grab the user's login cookie, hijack the user's session and impersonate her on high-value destinations such as banks or e-commerce sites.

The attack, known as CRIME, works on any version of TLS, and the number of requests the attacker needs to make in order to execute it is quite small, as low as six requests per cookie byte. The implications of the attack are considerable, given how widely TLS is used and the implicit trust that is the key to its utility. Rizzo and Duong's attack, their second such attack on TLS and SSL in the last two years, improves upon their previous results in that it does not necessarily require the use of JavaScript and it cannot be defeated by changing to a different ciphersuite.
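The side channel the article describes can be measured locally with zlib: encryption hides the content of a request but not its length, so when compression is enabled the ciphertext length reveals how much attacker-influenced text overlaps with the secret cookie, and disabling compression removes the leak. This is an added illustration, not code from the researchers or the article; the cookie value, host name and request layout are constructed samples.

```python
import zlib

# Constructed sample: a secret cookie the browser attaches to every request,
# and a part of the request (the URL path) that a third party can influence,
# e.g. by causing the browser to fetch that path. Values are made up.
SECRET_COOKIE = "session=7f3a9c"


def build_request(attacker_text: str) -> bytes:
    """Minimal HTTP request: attacker-influenced path, secret cookie header."""
    return (
        f"GET /{attacker_text} HTTP/1.1\r\n"
        "Host: bank.example\r\n"
        f"Cookie: {SECRET_COOKIE}\r\n\r\n"
    ).encode()


def on_the_wire_length(attacker_text: str, compression: bool = True) -> int:
    """Length a network observer sees for one request.

    TLS encryption preserves length, so the ciphertext length tracks the
    (optionally compressed) plaintext length. With compression on, DEFLATE
    replaces the cookie with a back-reference when the path already contains
    the same bytes, so the request shrinks as the overlap grows.
    """
    plaintext = build_request(attacker_text)
    if not compression:
        return len(plaintext)
    return len(zlib.compress(plaintext, 9))


def side_channel_gap(guess_a: str, guess_b: str, compression: bool = True) -> int:
    """Difference in observed length between two attacker-influenced texts
    of equal length. A non-zero gap means the length leaks cookie content;
    with compression disabled the gap is always zero."""
    return on_the_wire_length(guess_a, compression) - on_the_wire_length(
        guess_b, compression
    )


if __name__ == "__main__":
    for text in ("session=7f3a9c", "session=qwerty", "session=7", "session=q"):
        print(f"{text!r:18} compressed={on_the_wire_length(text):3d} "
              f"uncompressed={on_the_wire_length(text, compression=False):3d}")
```

The mitigation that was actually deployed (turning TLS-level compression off, and keeping secrets out of the same compression context as attacker-influenced data) corresponds to the `compression=False` path, where requests of equal plaintext length are indistinguishable on the wire.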