Hi Valery,

Yes, these are lossy algorithms, but the TLS/HTTP attacks are all with lossless algorithms. And as far as I know, they are applicable to any situation where there is an attacker that can force traffic on the wire, mixed with other, non-attacker controlled traffic. So IMO they are not restricted to just HTTP.

The attacks using compression known to me (e.g. CRIME) rely on the ability for an attacker to observe the difference in the length of messages (caused by applying compression) after each attempt. However, in case of ESP there are obstacles for doing that. First, ESP has a mandatory padding that is applied even in case of stream ciphers (in this case the packet is aligned to a 4-byte boundary). This makes it more difficult for an attacker to catch a difference in lengths. Then, ESP includes an optional TFC padding feature that makes the above attack infeasible, because each ESP packet will have either the same size or randomly adjusted size. And ESP compression could help applying TFC padding without consuming considerable amount of additional bandwidth.

Regards,
Valery.

Thanks,
Yaron

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
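
The length arithmetic discussed in this thread, as an added example that is not part of either message: it compresses a few constructed payloads and computes the on-wire length an observer would see with 4-byte ESP alignment alone and with TFC padding. Assumptions: raw DEFLATE stands in for the compression algorithm, the 2-byte ESP trailer (Pad Length, Next Header) is taken from RFC 4303, and the fixed-bucket TFC policy (`bucket`) is a hypothetical choice made for illustration.

```python
import zlib

ESP_TRAILER = 2  # Pad Length + Next Header octets (RFC 4303)

def deflate_len(data: bytes) -> int:
    """Size of `data` after raw DEFLATE (no zlib header or checksum)."""
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    return len(c.compress(data) + c.flush())

def esp_padded_len(payload_len: int, align: int = 4) -> int:
    """Payload + mandatory padding + trailer, rounded up to `align` bytes."""
    total = payload_len + ESP_TRAILER
    return total + (-total) % align

def tfc_padded_len(payload_len: int, bucket: int) -> int:
    """Hypothetical TFC policy: grow the payload to a multiple of `bucket`
    bytes first, then apply the normal ESP alignment."""
    return esp_padded_len(payload_len + (-payload_len) % bucket)

def observed_lengths(plaintexts, bucket=None):
    """Lengths visible on the wire for each compressed plaintext."""
    sizes = [deflate_len(p) for p in plaintexts]
    if bucket:
        return [tfc_padded_len(n, bucket) for n in sizes]
    return [esp_padded_len(n) for n in sizes]

# Constructed sample payloads with different amounts of redundancy.
SAMPLES = [
    b"user=alice;session=constructed-value-0001;" * 2,
    b"user=alice;session=constructed-value-0001;note=abcdefghijklmnopqrstuvwxyz",
    b"A" * 150,
    bytes(range(120)),
]

if __name__ == "__main__":
    print("compressed  :", [deflate_len(p) for p in SAMPLES])
    print("ESP aligned :", observed_lengths(SAMPLES))
    print("TFC (256)   :", observed_lengths(SAMPLES, bucket=256))
```

Alignment alone only hides differences that stay inside one 4-byte window (payloads of 3 to 6 bytes all become 8), while the fixed bucket makes every sample the same length on the wire.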