Pierluigi Paganini August 04, 2013

The HTTPS cryptographic scheme is menaced by the BREACH attack that allows hackers to capture security credentials, email addresses and much more from encrypted pages, often in as little as 30 seconds.

Breach (Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext) is the name of an new methods to capture login tokens, session ID and other sensitive information from SSL/TSL encrypted traffic.

The powerful technique was illustrated at the Black Hat conference by Yoel Gluck with his colleagues researchers Neal Harris and Angelo Prado, but what has shocked the security community is its capability to broke the encryption in just 30 seconds.

The HTTPs connections are today used to protect traffic of banking system, e-commerce and other secure communications, with a Breach attack hackers could access to sensitive information encrypted in the traffic such as email addressed and security tokens.

BREACH attack technique in reality doesn’t decrypt the entire protected traffic, instead it manipulates data compression to extract pieces of information considered of particular interest.

“We’re not decrypting the entire channel, but only extracting the secrets we care about,” Yoel Gluck, one of three researchers who developed the attack, told Ars. “It’s a very targeted attack. We just need to find one corner [of a website response] that has the token or password change and go after that page to extract the secret. In general, any secret that’s relevant [and] located in the body, whether it be on a webpage or an Ajax response, we have the ability to extract that secret in under 30 seconds, typically.”

BREACH exploits the standard Deflate compression algorithm used by various websites to reduce bandwidth consumption, the hacker need to continually eavesdrop on the encrypted traffic between a victim and a web server before and the condition for exploiting success is that a victim first accesses to malicious link, for example deceiving him with embedded an iframe tag in a page the victim use to frequent.

It is important to note that the attack appears independent of the version of TLS/SSL and does not require TLS-layer compression. Additionally, the attack works against any cipher suite.

Angelo Prado added on the attack to the team of the The Hacker News, “We are using a compression oracle is leveraging the building blocks from CRIME, on a different compression context.”

“Using what’s known as an oracle technique, attackers can use compression to gain crucial clues about the contents of an encrypted message. That’s because many forms of encryption—including those found in HTTPS—do little or nothing to stop attackers from seeing the size of the encrypted payload. Compression oracle techniques are particularly effective at ferreting out small chunks of text in the encrypted data stream.” Reported a post on ArsTechnica.

The attack has serious repercussion, the capturing of authentication token and any other sensitive information could allow a hacker to hijack authenticated web sessions with obvious consequences, this type of attack despite doesn’t compromise the entire SSL security highlight the vulnerability of the two-decade-old SSL and TLS protocols.

Pierluigi Paganini

(Security Affairs – Hacking, BREACH)