The dust from ekoparty, an Argentinian security conference, has settled, and we now have details on CRIME, an attack on the encryption widely used in web browsers.
To recap, if the attacker can hijack your browser as well as sniff your (encrypted) network traffic, they can perform a chosen-plaintext attack to extract small amounts of information from your session. This information, like a login cookie, can then be used to impersonate you.
It’s also confirmed that the attack affects crypto in multiple contexts: because the attack is generic (it applies wherever encryption is used together with compression), both regular TLS/SSL and SPDY are affected.
The real solution is to modify the way browsers perform encryption so that chunks of sensitive data are compressed independently of each other, which closes this side channel. That fix is still in the pipeline and, in the case of SPDY, needs to be made in the protocol itself, as described by one of Google’s security wizards. The interim quick fix is simply to disable compression in the crypto layer, which has been done in current versions of all major browsers.
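To make the side channel and the fix concrete, here is an added example (not from the original post or from any browser's code) that measures how the compressed size of a request depends on a secret cookie when attacker-influenced text shares its compression context, and how that dependence disappears when the cookie is compressed on its own. The cookie values, request lines and function names are constructed for illustration; zlib's DEFLATE stands in for the TLS/SPDY compression step, and encryption is left out on the assumption that ciphertext length tracks compressed length.

```python
import zlib

# Constructed sample data (hypothetical cookie values, not from the post).
COOKIE_A = b"Cookie: session=7f3a9c2e5b814d60\r\n"
COOKIE_B = b"Cookie: session=c41e8a07d95b2f36\r\n"
# Attacker-influenced request lines of equal size.
HIT = b"GET /?session=7f3a9c2e5b814d60 HTTP/1.1\r\n"   # repeats COOKIE_A's value
MISS = b"GET /?session=Xq0LmZ4tRw8VnYp2 HTTP/1.1\r\n"  # repeats nothing secret


def deflate_len(data: bytes) -> int:
    """Length of the DEFLATE output for data."""
    return len(zlib.compress(data, 9))


def record_length(attacker_part: bytes, secret_part: bytes, isolate: bool) -> int:
    """Size an eavesdropper would observe for one request.

    isolate=False: one compression context for the whole request (vulnerable).
    isolate=True:  the sensitive header is compressed independently (the fix).
    """
    if isolate:
        return deflate_len(attacker_part) + deflate_len(secret_part)
    return deflate_len(attacker_part + secret_part)


def length_gap(secret_part: bytes, isolate: bool) -> int:
    """Extra bytes observed when the injected text does not repeat the cookie."""
    return (record_length(MISS, secret_part, isolate)
            - record_length(HIT, secret_part, isolate))


if __name__ == "__main__":
    for isolate in (False, True):
        label = "isolated" if isolate else "shared  "
        print(label,
              "| gap with cookie A:", length_gap(COOKIE_A, isolate),
              "| gap with cookie B:", length_gap(COOKIE_B, isolate))
```

In the shared context the gap is large only when the session cookie is the one the injected text repeats, so the observed size reveals something about the secret. With isolation the gap is identical for both cookies, meaning it depends only on text the attacker already knows.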
There are plenty more details that we haven’t covered here. If you’re interested, we think these links are worth checking out: