Paper 2014/724

Protecting Encrypted Cookies from Compression Side-Channel Attacks

Janaka Alawatugoda, Douglas Stebila, and Colin Boyd

Abstract

Compression is desirable for network applications as it saves bandwidth; however, when data is compressed before being encrypted, the amount of compression leaks information about the amount of redundancy in the plaintext. This side channel has led to successful CRIME and BREACH attacks on web traffic protected by the Transport Layer Security (TLS) protocol. The general guidance in light of these attacks has been to disable compression, preserving confidentiality but sacrificing bandwidth. In this paper, we examine two techniques---heuristic separation of secrets and fixed-dictionary compression---for enabling compression while protecting high-value secrets, such as cookies, from attack. We model the security offered by these techniques and report on the amount of compressibility that they can achieve.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. Financial Cryptography 2015
Keywords
CRIME attackBREACH attackSide-channel attacksData compressionTLSSSL
Contact author(s)
janaka alawatugoda @ qut edu au
History
2014-12-30: revised
2014-09-17: received
See all versions
Short URL
https://ia.cr/2014/724
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2014/724,
      author = {Janaka Alawatugoda and Douglas Stebila and Colin Boyd},
      title = {Protecting Encrypted Cookies from Compression Side-Channel Attacks},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/724},
      year = {2014},
      url = {https://eprint.iacr.org/2014/724}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.