Abstract

This paper describes several techniques that can exploit plaintext side-channels, namely the length of ciphertext along with human factors. Those side-channels are explored in this work to recover secret strings such as authentication cookies, and possibly passwords, from Hypertext Transfer Protocol (HTTP) traffic protected by Transport Layer Security (TLS). Other applications of those attacks allow for evading the SiteKey anti-phishing mechanism, recovering the answers to user-configured challenge questions, and tracking a user's operations on the web applications of a web site. Previous research has demonstrated the danger of using data compression in conjunction with encryption. There are highly publicized attacks that exploit compression side-channels to recover authentication cookies from TLS-protected HTTP traffic. Since then, data compression has been disabled at web servers, and recent versions of web browsers have it disabled by default. TLS version 1.3 has entirely removed support for data compression. Even with all those countermeasures in place, the techniques described in this paper can cause a comparable level of compromise. The overall work was done as an ethical security assessment to analyze and validate the danger of plaintext side-channels without any particular connection to data compression.
