Return-Path: X-Original-To: apmail-httpd-dev-archive@www.apache.org Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D93BC10ED0 for ; Sat, 10 Aug 2013 16:19:47 +0000 (UTC) Received: (qmail 52175 invoked by uid 500); 10 Aug 2013 16:19:46 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 51905 invoked by uid 500); 10 Aug 2013 16:19:46 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 51897 invoked by uid 99); 10 Aug 2013 16:19:45 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 10 Aug 2013 16:19:45 +0000 X-ASF-Spam-Status: No, hits=0.0 required=5.0 tests= X-Spam-Check-By: apache.org Received-SPF: unknown (athena.apache.org: error in processing during lookup of dirkx@webweaving.org) Received: from [204.109.56.33] (HELO ibiza.webweaving.org) (204.109.56.33) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 10 Aug 2013 16:19:40 +0000 Received: from pikmeer.webweaving.org (pikmeer.webweaving.org [178.18.23.51]) by ibiza.webweaving.org (8.14.7/8.14.7) with ESMTP id r7AGJJkK062192 for ; Sat, 10 Aug 2013 16:19:19 GMT (envelope-from dirkx@webweaving.org) Received: from [172.20.10.2] (static.kpn.net [92.69.226.87] (may be forged)) (authenticated bits=0) by pikmeer.webweaving.org (8.14.5/8.14.5) with ESMTP id r7AGJG4K063131 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO) for ; Sat, 10 Aug 2013 16:19:18 GMT (envelope-from dirkx@webweaving.org) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Subject: Re: breach attack From: Dirk-Willem van Gulik In-Reply-To: <20130810161404.GA29347@uio.no> Date: Sat, 10 Aug 2013 18:19:15 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: <3232ED0B-7726-4CA0-9DF8-CDACCB124373@webweaving.org> References: <20130809212441.GA8598@uio.no> <2688BADC-1F66-40B0-89FF-7F251F5AA756@webweaving.org> <20130810161404.GA29347@uio.no> To: dev@httpd.apache.org X-Mailer: Apple Mail (2.1508) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (ibiza.webweaving.org [204.109.56.32]); Sat, 10 Aug 2013 16:19:19 +0000 (UTC) X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.5 (pikmeer.webweaving.org [178.18.23.51]); Sat, 10 Aug 2013 16:19:19 +0000 (UTC) X-Virus-Checked: Checked by ClamAV on apache.org On 10 Aug 2013, at 18:14, "Steinar H. Gunderson" = wrote: > On Sat, Aug 10, 2013 at 06:11:09PM +0200, Dirk-Willem van Gulik wrote: >> I'd keep in mind that compression is simply an amplifier for this = type of >> attack. It makes the approach more effective. But it is not = essential; when >> you have in essence a largely known plaintext surrounding a short = secret >> and an oracle. And the latter is not going to go away - current = dominant >> site development models will make this worse; as do current = operational >> models w.r.t. to picking such up early. >=20 > Wait, what's the oracle if there's no compression? As as ultimately before - the origin server (and/or the traffic you = compare it to). Granted - doing this raw is not that feasible for large = key lengths - but even some slight weakness elsewhere (could be as silly = as a render/timing change in the browser) will help. Dw.=