#20869: Prevent repetitive output to counter BREACH-type attacks
-------------------------------+--------------------------------------
Reporter: patrys | Owner: nobody
Type: Uncategorized | Status: new
Component: contrib.csrf | Version: 1.5
Severity: Normal | Resolution:
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------+--------------------------------------
Comment (by shai):
Replying to [comment:5 patrys]:
> What do you mean by slow? To use compression as an approach vector you
need to know the prefix of the string you're targetting. If it's truly
random then there is no way to predict a prefix long enough to make the
attack feasible.
>
You don't need a prefix of the pad; only the secret. And by most reports,
3 characters is enough and feasible.
> Let's assume that P is prefix and S is salt.
P is "one-time-pad" and S is secret.
> The proposed solution suggests:
>
> P₁ + P₂ + … + (S₁ XOR P₁) + (S₂ XOR P₂) + …
>
> If I can predict P then I have already defeated the countermeasure and
can continue the BREACH.
That's a big if. As I noted above, if S is output as is, with no XOR or
other combination with P, then you can simply ignore P. The XOR prevents
that.
--
Ticket URL: <https://code.djangoproject.com/ticket/20869#comment:13>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/064.39421b3d3fdaeecca9b11e98b1dce619%40djangoproject.com.
For more options, visit https://groups.google.com/groups/opt_out.
