CTX: ELIMINATING BREACH WITH CONTEXT HIDING presented at BlackHatEU 2016

by Aggelos Kiayias, Dimitris Karakostas, Dionysis Zindros, Eva Sarafianou,

Summary : The BREACH attack presented at Black Hat USA 2013 still has not been mitigated, despite new developments and optimizations presented at Black Hat Asia 2016. This class of attacks presents itself in all practical web applications which use compression, together with encryption, and has not been fixed in even the most recent versions of TLS 1.3.
In this talk, we present a generic defence method which eliminates compression-detectability features of existing protocols. We introduce CTX, Context Transformation Extension, a cryptographic method which defends against BREACH, CRIME, TIME, and generally any compression side-channel attack. CTX uses context hiding in a per-origin manner to separate secrets from different origins in order to avoid cross-compressibility. In this talk, we will show a demo of the defence and illustrate how it eliminates the attack implemented in Rupture. We will release an open source implementation of CTX in popular web frameworks both for client-side and server-side web applications. Our implementation runs at the application layer, is opt-in, and does not require modifications to web standards or the underlying web server.