User: Password:
Subscribe / Log in / New account

Different compression scheme

Different compression scheme

Posted Sep 20, 2012 11:43 UTC (Thu) by epa (subscriber, #39769)
In reply to: Different compression scheme by alonz
Parent article: CRIME Attack Uses Compression Ratio of TLS Requests as Side Channel to Hijack Secure Sessions (threatpost)

Here I think the attacker can add things to the headers, such as cookies or the exact path being requested. So you would need to reset the compression state between one header line and the next.

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds