Theoretical attack could spell doom for HTTPS traffic

Jan 5, 2016 23:15 GMT  ·  By

Dutch security researcher Guido Vranken has published a paper in which he details a new attack method on TLS/SSL-encrypted traffic, one that can potentially allow attackers to extract some information from HTTPS data streams.

Mr. Vranken describes the HTTPS Bicycle Attack as a method through which an attacker can inspect HTTPS traffic and be able to determine the length of some of the data exchanged underneath the TLS protection layer.

This includes details like the length of a cookie header, the length of passwords sent in POST requests, GPS coordinates, IPv4 addresses, or other information contained in TLS-encapsulated HTTP traffic.

HTTPS Bicycle Attack can be used retroactively

Mr. Vranken's HTTPS Bicycle Attack is completely undetectable and can also be used retroactively on HTTPS traffic logged many years before.

For an HTTPS Bicycle Attack to be successful, a few prerequisites need to be satisfied. First the HTTPS traffic must use a stream-based cipher, and then the attacker must know the length of the rest of the data before being able to extract details about specific parts of the HTTPS packets.

When all of these conditions are met, carrying out an HTTPS Bicycle Attack is easy. From an attacker's point of view, all he needs to do is to capture HTTPS packets from a user authentication operation.

Knowing the victim's username, login URL, and the adjacent information (usually sent to the server), the only information left in the HTTPS packet would be the length of the user's password. After a simple subtraction, an attacker would then be in the possession of the user's password length, which can be quite useful when an attacker is trying to brute-force his way into an account.

There are ways to mitigate current HTTPS traffic against HTTPS Bicycle Attacks

But data leaks in HTTPS traffic are more common than you think, with various details being revealed at different stages between the two encrypted endpoints. While side-channel attacks have tried for many years to put together the data leaks in encrypted traffic for the purpose of reconstructing the user's actions, many have failed, providing only trivial information, and many times relying on other more complex CSRF attacks that take over user sessions.

The HTTPS Bicycle Attack is only a theory at this point, but it is enough of a scare to make infosec researchers reconsider the usage of classic passwords for authenticating users, and also accelerate the implementation of other methods of authentication.

To protect against HTTPS Bicycle attacks, Mr. Vranken recommends that webmasters turn off support for TLS stream-ciphers, always use the latest version of the TLS protocol (1.2 right now), and add padding to any sensitive data sent via HTTPS, to mask its actual length.

You can read Guido Vranken's HTTPS Bicycle Attack research paper for more in-depth details.