agenda
play

Agenda Technical background ! Same-Origin Policy ! - PowerPoint PPT Presentation

Sep 18, 2022 •290 likes •804 views

H TTP ! E ncrypted ! I nformation can be ! S tolen through ! T CP-windows by ! Mathy Vanhoef & Tom Van Goethem Agenda Technical background ! Same-Origin Policy ! Compression-based attacks ! SSL/TLS & TCP ! Nitty gritty

  1. H TTP ! E ncrypted ! I nformation can be ! S tolen through ! T CP-windows by ! Mathy Vanhoef & Tom Van Goethem

  2. Agenda • Technical background ! • Same-Origin Policy ! • Compression-based attacks ! • SSL/TLS & TCP ! • Nitty gritty HEIST details ! • Demo ! • Countermeasures H E I S T 2

  3. Same-Origin Policy GET /vault Mr. Sniffles https://bunnehbank.com H E I S T 3

  4. Same-Origin Policy GET /vault Mr. Sniffles https://bunnehbank.com H E I S T 3

  5. the World Wide Web https://bunnehbank.com Mr. Sniffles H E I S T 4

  6. the World Wide Web https://bunnehbank.com Mr. Sniffles H E I S T 4

  7. the World Wide Web GET /vault https://bunnehbank.com Mr. Sniffles H E I S T 4

  8. the World Wide Web GET /vault https://bunnehbank.com Mr. Sniffles H E I S T 4

  9. the World Wide Web GET /vault https://bunnehbank.com Mr. Sniffles H E I S T 4

  10. the World Wide Web GET /vault https://bunnehbank.com Mr. Sniffles H E I S T 4

  11. the World Wide Web GET /vault https://bunnehbank.com Mr. Sniffles H E I S T 5

  12. the World Wide Web GET /vault https://bunnehbank.com Mr. Sniffles H E I S T 6

  13. Agenda • Technical background ! • Same-Origin Policy ! • Compression-based attacks ! • SSL/TLS & TCP ! • Nitty gritty HEIST details ! • Demo ! • Countermeasures H E I S T 7

  14. /vault Uncompressed Compressed You requested: 
 You requested: 
 /vault 
 /vault 
 vault_secret=carrots4life _secret=carrots4life → 51 bytes → 47 bytes H E I S T 8

  15. /vault?secret=a /vault?secret=c You requested: 
 You requested: 
 /vault?secret=a 
 /vault?secret=c 
 _ carrots4life _ arrots4life → 50 bytes → 49 bytes H E I S T 9

  16. /vault?secret=a /vault?secret=c You requested: 
 You requested: 
 /vault?secret=a 
 /vault?secret=c 
 49 bytes < 50 bytes → 'c' is a correct guess _ carrots4life _ arrots4life → 50 bytes → 49 bytes H E I S T 10

  17. /vault?secret=ca /vault?secret=cb You requested: 
 You requested: 
 /vault?secret=ca 
 /vault?secret=cb 
 _ rrots4life _ arrots4life → 49 bytes → 50 bytes H E I S T 11

  18. /vault?secret=ca /vault?secret=cb You requested: 
 You requested: 
 /vault?secret=ca 
 /vault?secret=cb 
 49 bytes < 50 bytes → 'ca' is a correct guess _ rrots4life _ arrots4life → 49 bytes → 50 bytes H E I S T 12

  19. Compression-based Attacks • Compression and Information Leakage of Plaintext [FSE'02] ! • Chosen plaintext + compression = plaintext leakage ! • CRIME [ekoparty'12] ! • Exploits SSL compression ! • BREACH [Black Hat USA'13] ! • Exploits HTTP compression H E I S T 13

  20. Agenda • Technical background ! • Same-Origin Policy ! • Compression-based attacks ! • SSL/TLS & TCP ! • Nitty gritty HEIST details ! • Demo ! • Countermeasures H E I S T 14

  21. GET /vault TCP handshake S Y N SYN, ACK ACK SSL handshake Client Hello Server Hello P r e - M a s t e r S e c r e t H E I S T 15

  22. GET /vault encrypt( 
 GET /vault HTTP/1.1 
 Cookie: user=mr.sniffles ! Host: bunnehbank.com ! .... 
 ) 1 TCP data packet H E I S T 16

  23. encrypt( ) = 29 TCP data packets H E I S T 17

  24. encrypt( ) = 29 TCP data packets TCP packet 1 initcwnd TCP packet 2 = ... 10 TCP packet 10 H E I S T 18

  25. encrypt( ) = 29 TCP data packets TCP packet 1 initcwnd TCP packet 2 = ... 10 TCP packet 10 10 ACKs H E I S T 18

  26. encrypt( ) = 29 TCP data packets TCP packet 1 initcwnd TCP packet 2 = ... 10 TCP packet 10 10 ACKs cwnd = 20 H E I S T 18

  27. encrypt( ) = 29 TCP data packets TCP packet 1 initcwnd TCP packet 2 = ... 10 TCP packet 10 10 ACKs cwnd = 20 TCP packet 11 ... TCP packet 29 H E I S T 18

  28. HEIST • A set of techniques that allow attacker to determine the exact size of a network response ! • ... purely in the browser ! • Can be used to perform compression-based attacks, such as CRIME and BREACH, in the browser H E I S T 19

  29. Browser Side-channels • Send authenticated request to /vault resource ! fetch('https://bunnehbank.com/vault', {mode: "no-cors", credentials:"include"}) • Returns a Promise , which resolves as soon as browser receives the first byte of the response performance.getEntries()[-1].responseEnd • Returns time when response was completely downloaded H E I S T 20

  30. HEIST • Step 1: find out if response fits in a single TCP window H E I S T 21

  31. Fetching small resource: T2 - T1 is very small TCP handshake 
 first byte 
 complete received initial TCP 
 GET /vault window received time T1 T2 responseEnd initial TCP 
 fetch('...') window sent Promise 
 SSL handshake 
 complete resolves H E I S T 22

  32. Fetching large resource: T2 - T1 is round-trip time TCP handshake 
 first byte 
 second TCP 
 complete received window received initial TCP 
 GET /vault window received time T1 T2 ACK sent responseEnd initial TCP 
 fetch('...') window sent second TCP 
 Promise 
 SSL handshake 
 window sent complete resolves H E I S T 23

  33. HEIST • Step 1: find out if response fits in a single TCP window ! • Step 2: discover exact response size H E I S T 24

  34. Discover Exact Response Size initcwnd second TCP window Reflected content: x bytes Resource size: ?? bytes H E I S T 25

  35. Discover Exact Response Size initcwnd second TCP window Reflected content: x/2 bytes Resource size: ?? bytes H E I S T 26

  36. Discover Exact Response Size initcwnd second TCP window Reflected content: x/2+x/4 bytes Resource size: ?? bytes H E I S T 27

  37. After log(n) checks, we find: 
 ! y bytes of reflected content = 1 TCP window ! ! y+1 bytes of reflected content = 2 TCP windows 
 → resource size = initcwnd - y bytes initcwnd second TCP window Reflected content: y bytes Resource size: ?? bytes H E I S T 28

  38. HEIST • Step 1: find out if response fits in a single TCP window ! • Step 2: discover exact response size ! • Step 3: do the same for large responses ( > initcwnd ) H E I S T 29

  39. Determine size of large responses • Large response = bigger than initial TCP window • initcwnd is typically set to 10 TCP packets ! • ~14kB ! • TCP windows grow as packets are acknowledged ! • We can arbitrarily increase window size H E I S T 30

  40. = 19 TCP data packets GET /foo CWND = 10 10 TCP packets 10 ACKs CWND = 20 GET /vault 19 TCP packets 19 ACKs sent in single 
 TCP window H E I S T 31

  41. HEIST • Step 1: find out if response fits in a single TCP window ! • Step 2: discover exact response size ! • Step 3: do the same for large responses ( > initcwnd ) ! • Step 4: if available, leverage HTTP/2 H E I S T 32

  42. Leveraging HTTP/2 • HTTP/2 is the new HTTP version ! • Preserves the semantics of HTTP ! • Main changes are on the network level ! • Only a single TCP connection is used for parallel requests H E I S T 33

  43. Leveraging HTTP/2 • Determine exact response size without reflected content in the same response ! • Use (reflected) content in other responses on the same server ! • Note that BREACH still requires (a few bytes of) reflective content in the same resource H E I S T 34

  44. = 6 TCP packets /reflect?x=... = 3 TCP packets GET /reflect?x=... CWND = 10 GET /vault Promise 
 9 TCP packets resolves 9 ACKs responseEnd contains both 
 /reflect 
 and /vault H E I S T 35

  45. = 6 TCP packets /reflect?x=... = 5 TCP packets GET /reflect?x=... CWND = 10 GET /vault Promise 
 10 TCP packets resolves 10 ACKs CWND = 20 1 TCP packet contains both 
 1 ACK responseEnd /reflect and 
 part of /vault H E I S T 36

  47. DEMO H E I S T 38

  48. Other targets • Compression-based attacks ! • gzip compression is used by virtually every website ! • Size-exposing attacks ! • Uncover victim's demographics from popular social networks ! • Reveal victim's health conditions from online health websites ! • .... ! • Hard to find sites that are not vulnerable H E I S T 39

  49. Countermeasures • Browser layer ! • Prevent side-channel leak (infeasible) ! • Disable third-party cookies (complete) ! • HTTP layer ! • Block illicit requests (inadequate) ! • Disable compression (incomplete) ! • Network layer ! • Randomize TCP congestion window (inadequate) ! • Apply random padding (inadequate) H E I S T 40

  50. Conclusion • Collection of techniques to discover network response size in the browser , for all authenticated cross-origin resources ! • Side-channel originates from subtle interplay between multiple layers ! • Allows for compression-based and size-exposing attacks ! • HTTP/2 makes exploitation easier ! • Many countermeasures, few that actually work H E I S T 41

  51. H E I S T Questions? Mathy Vanhoef ! Tom Van Goethem ! @vanhoefm ! @tomvangoethem ! mathy.vanhoef@cs.kuleuven.be tom.vangoethem@cs.kuleuven.be

Recommend

R E B I R T H R E B I R T H 1 Meeting Agenda Meeting Agenda Agenda 1

R E B I R T H R E B I R T H 1 Meeting Agenda Meeting Agenda Agenda 1

Annual General Meeting of Shareholders No. 1/2015 28 January 2015 At 1.30 P.M. at Athenee Crystal Hall, 3rd Floor, Plaza Athenee Bangkok R E B I R T H R E B I R T H 1 Meeting Agenda Meeting Agenda Agenda 1 To certify

879 views • 54 slides
Negotiating Conflicts Eff Effectively ti l Agenda Agenda Agenda Agenda Introductions

Negotiating Conflicts Eff Effectively ti l Agenda Agenda Agenda Agenda Introductions

Negotiating Conflicts Eff Effectively ti l Agenda Agenda Agenda Agenda Introductions Introductions 1) Negotiation Characteristics 2) Approaches to Conflict 2) Approaches to Conflict 3) Issues, Positions, and Interests 4)

1.06k views • 60 slides
Web E Web E ngineer ngineer ing Pr ing Pr oc ess oc ess We e k 2 Agenda (Lecture) Agenda

Web E Web E ngineer ngineer ing Pr ing Pr oc ess oc ess We e k 2 Agenda (Lecture) Agenda

Web E Web E ngineer ngineer ing Pr ing Pr oc ess oc ess We e k 2 Agenda (Lecture) Agenda (Lecture) Web Engineering Process W b E i i P Agenda (Lab) Agenda (Lab) Web 2.0 architecture patterns Project proposal P j t l

1.06k views • 19 slides
Anaheim August 27, 2008 Agenda Agenda Agenda Introduction New Rule Requirements

Anaheim August 27, 2008 Agenda Agenda Agenda Introduction New Rule Requirements

Anaheim August 27, 2008 Agenda Agenda Agenda Introduction New Rule Requirements Compliance Plan Upgrade Issues Questions Introduction Introduction Introduction Danny Luong Senior Enforcement Manager Background

989 views • 29 slides
Capital markets day 27 th September 2017 Agenda Time Agenda item Led by Time Agenda item

Capital markets day 27 th September 2017 Agenda Time Agenda item Led by Time Agenda item

Capital markets day 27 th September 2017 Agenda Time Agenda item Led by Time Agenda item Led by 14:15 TEA &amp; COFFEE BREAK 11.00 Introduction Carolyn McCall 11.05 1. Market / Network 14.30 4. Making travel easy &amp; affordable

1.22k views • 90 slides
Community Advisory Group Meeting June 20, 2016 Agenda 1. Welcome, Introductions and Agenda

Community Advisory Group Meeting June 20, 2016 Agenda 1. Welcome, Introductions and Agenda

Community Advisory Group Meeting June 20, 2016 Agenda 1. Welcome, Introductions and Agenda Overview 2. Public Comment (items not on the agenda) 3. CAG Questions and Concerns (items not on the agenda) 4. Labor Issue Update 5. New Generation

1.22k views • 55 slides
Agenda TOSITA Agenda July 15, 2015 9:30 - 10:00: Registration 10:00 -10:10: Welcome- PECO

Agenda TOSITA Agenda July 15, 2015 9:30 - 10:00: Registration 10:00 -10:10: Welcome- PECO

Agenda TOSITA Agenda July 15, 2015 9:30 - 10:00: Registration 10:00 -10:10: Welcome- PECO Perspective Bill Patterer -PECO 10:10- 10:20: Workshop Agenda/ EP-ACT Intro/EV overview Tony Bandiero EP-ACT 10:20- 10:35: EVSEs - What are They?

291 views • 15 slides
Agenda Agenda Linda Rammler, UConn UCEDD (copy from Agenda handout) Fr. John Gallagher,

Agenda Agenda Linda Rammler, UConn UCEDD (copy from Agenda handout) Fr. John Gallagher,

2/21/18 Agenda Agenda Linda Rammler, UConn UCEDD (copy from Agenda handout) Fr. John Gallagher, O.F.M. Cap. (St. Pius X Church) Kim Ranell Newgass (Baptist Church in New Haven) Mary Lou Freitas (Bethany Covenant) Doris

508 views • 5 slides
Mississauga Halton LHIN CSS and MH&amp;A Sector Meeting June 11, 2010 Agenda Agenda Welcome

Mississauga Halton LHIN CSS and MH&amp;A Sector Meeting June 11, 2010 Agenda Agenda Welcome

Mississauga Halton LHIN CSS and MH&amp;A Sector Meeting June 11, 2010 Agenda Agenda Welcome and Agenda Community Care Information Management Program Herb Spence Stakeholder Engagement, HRIS (CCIM) Eugene Cortes - Project Lead,

2.11k views • 122 slides
Welcome June 2020 Agenda I. Welcome and Introductions II. Consent Agenda a. Approval of June

Welcome June 2020 Agenda I. Welcome and Introductions II. Consent Agenda a. Approval of June

Welcome June 2020 Agenda I. Welcome and Introductions II. Consent Agenda a. Approval of June Agenda b. Approval of February minutes c. Women in Jail Research Study III. Old Business a. JRAC Membership b. COVID-19 Strategies and Sustainability

539 views • 26 slides
Todays Agenda Todays Agenda Continued Todays Agenda Continued Save the Date August

Todays Agenda Todays Agenda Continued Todays Agenda Continued Save the Date August

Todays Agenda Todays Agenda Continued Todays Agenda Continued Save the Date August 17 &amp; 18, 2021 10th Annual Nation to Nation Consultation Host: Chickasaw Nation USDA Leadership &amp; Tribal Leaders Oklahoma NRCS

892 views • 65 slides
E-beam and X-ray: Why? What? How? 1 Introduction &amp; Agenda Agenda: We are investing to

E-beam and X-ray: Why? What? How? 1 Introduction &amp; Agenda Agenda: We are investing to

E-beam and X-ray: Why? What? How? 1 Introduction &amp; Agenda Agenda: We are investing to supply and service a growing market E-Beam and X-ray are complementary solution that are financially viable Mevex and IBA are there to help

198 views • 15 slides
Katie Dively, Research Scientist II Agenda Agenda Agenda Agenda Welcome! 7 Step

Katie Dively, Research Scientist II Agenda Agenda Agenda Agenda Welcome! 7 Step

Katie Dively, Research Scientist II Agenda Agenda Agenda Agenda Welcome! 7 Step Communication Process Your Role Next Steps Centers Purpose Centers Purpose Centers Purpose Centers Purpose We are an

744 views • 55 slides
IDN BOF Agenda Harald Alvestrand, chair Agenda - 1 0900: Agenda bash, blue sheet, scribe ! 0910:

IDN BOF Agenda Harald Alvestrand, chair Agenda - 1 0900: Agenda bash, blue sheet, scribe ! 0910:

IDN BOF Agenda Harald Alvestrand, chair Agenda - 1 0900: Agenda bash, blue sheet, scribe ! 0910: Introduction to the IDN revision - John Klensin - An orientation on the main goals of the revision - Explanation of the division of labor between

233 views • 10 slides
#EdSummit @MorenoValleyUSD @BarrCenter 1 Agenda 10:45 Agenda 10:45 - 11:30 am 11:30 am

#EdSummit @MorenoValleyUSD @BarrCenter 1 Agenda 10:45 Agenda 10:45 - 11:30 am 11:30 am

#EdSummit @MorenoValleyUSD @BarrCenter 1 Agenda 10:45 Agenda 10:45 - 11:30 am 11:30 am 10:45 - 10:50 am: Introductions 10:50 - 10:55 am: MVUSD Board President Susan Smith 10:55 - 11:00 am: MVUSD Superintendent Dr. Martinrex Kedziora

408 views • 21 slides
Agenda Item 4: PUBLIC COMMENT Individuals may speak on any topic for up to three minutes; during

Agenda Item 4: PUBLIC COMMENT Individuals may speak on any topic for up to three minutes; during

4/25/19 SA SAN F FRANCISQ SQUITO C CREEK S F C J PA . O R G J O I N T P O W E R S A U T H O R I T Y BOARD OF DIRECTORS MEETING Menlo Park City Council Chambers April 25, 2019 at 2:30 p.m. AGENDA 1. ROLL CALL 2. APPROVAL OF AGENDA 3.

158 views • 15 slides
Community Advisory Group Meeting September 3, 2014 Agenda 1. Welcome, Introductions and Agenda

Community Advisory Group Meeting September 3, 2014 Agenda 1. Welcome, Introductions and Agenda

Community Advisory Group Meeting September 3, 2014 Agenda 1. Welcome, Introductions and Agenda Overview 2. Public Comment (items not on the agenda) 3. CAG Questions and Concerns 4. UCSF Medical Center Update 5. UCSF 10-Year Capital Plan

941 views • 35 slides
http://windowstips.wordpress.com Agenda Agenda Introduction Malware public information

http://windowstips.wordpress.com Agenda Agenda Introduction Malware public information

Juan Garrido MVP Enterprise Security @tr1ana http://windowstips.wordpress.com Agenda Agenda Introduction Malware public information TRIANA Conclusions Agenda One new malware every 2 seconds Its like epidemic Many variety of

1.07k views • 19 slides
F F unctional Design unctional Design We e k 9 Agenda (Lecture) Agenda (Lecture)

F F unctional Design unctional Design We e k 9 Agenda (Lecture) Agenda (Lecture)

F F unctional Design unctional Design We e k 9 Agenda (Lecture) Agenda (Lecture) Functional design F ti l d i Agenda (Lab) Agenda (Lab) Weekly progress report Homework/Lab assignments Announcement Announcement Walk

478 views • 24 slides
Community Advisory Group Meeting December 3, 2014 Agenda 1. Welcome, Introductions and Agenda

Community Advisory Group Meeting December 3, 2014 Agenda 1. Welcome, Introductions and Agenda

Community Advisory Group Meeting December 3, 2014 Agenda 1. Welcome, Introductions and Agenda Overview 2. Public Comment (Items not on the agenda) 3. CAG Questions and Concerns 4. Overview of UCSF Diversity Programs 5. Campus Updates

539 views • 22 slides
Spring 2015 Agenda - Thursday Logistics Introductions Agenda Bash Network Updates

Spring 2015 Agenda - Thursday Logistics Introductions Agenda Bash Network Updates

Southern Crossroads (SoX) Participant Meeting Spring 2015 Agenda - Thursday Logistics Introductions Agenda Bash Network Updates Commodity Internet SoX NOC NSF Workshops Brainstorming over Dinner Agenda - Friday

554 views • 32 slides
RAF Marham October 2019 Kayleigh Winter MOD Development Manager Agenda Agenda About the IET

RAF Marham October 2019 Kayleigh Winter MOD Development Manager Agenda Agenda About the IET

RAF Marham October 2019 Kayleigh Winter MOD Development Manager Agenda Agenda About the IET Membership and Benefits Professional Registration My approach Application and Support How I can add value Q&amp;A Agenda About the IET The

683 views • 49 slides
PCCD Planning and Budgeting Council May 27, 2016 8:30 a.m. 12:30 p.m. AGENDA Time Agenda

PCCD Planning and Budgeting Council May 27, 2016 8:30 a.m. 12:30 p.m. AGENDA Time Agenda

PCCD Planning and Budgeting Council May 27, 2016 8:30 a.m. 12:30 p.m. AGENDA Time Agenda Topic 2015- 16 PBC Goal PCCD 2015- 16 Strategic Presenters Goals and Institutional Objectives 8:30 I. Agenda Review Facilitator 8:35

371 views • 35 slides
an industry perspective AGENDA AGENDA ATDIs Activities on EMF EMF in 5G Environment Topics

an industry perspective AGENDA AGENDA ATDIs Activities on EMF EMF in 5G Environment Topics

EMF Exposure and 5G network development: an industry perspective AGENDA AGENDA ATDIs Activities on EMF EMF in 5G Environment Topics for Discussion AGENDA ATDIs activities on EMF ATDI as a Sector Member of the ITU-D, ITU-R WTDC- 17

316 views • 13 slides

More recommend