Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: List for announcements regarding Qt releases and development <announce <at> qt-project.org>
Subject: [Announce] SECURITY - disabling SSL/TLS compression to mitigate the "CRIME" attack
Newsgroups: gmane.comp.lib.qt.devel
Date: Thursday 27th September 2012 10:56:07 UTC (over 4 years ago)
A security vulnerability has been discovered in the SSL/TLS protocol, which
affects connections using compression.
All versions of TLS are believed to be affected.
To address this, Qt will disable TLS compression by default.

* How does the attack work?

If the attacker can insert data into the SSL connection, then by looking at
the length of the compressed data it is possible to determine if the
inserted data matches secret data or not.

For example, if you are sending a https request to a server using basic
authentication then your http header contains data similar to:
"Authorization: dXNlcjpwYXNzd29yZA=="
If the attacker can insert data in the body of the request, e.g.
"Authorization: d"

Then the compressed size will be smaller if they guessed the first
character of the authentication token correctly.
With repeated requests it would be possible to guess the whole string in
linear time.

Any data in the headers could be guessed in this way, but authorization
tokens and login cookies are the most likely targets.

* What kind of applications are vulnerable?

Web browsers and applications using QtWebkit are most vulnerable, because
of the ease of automating this attack with javascript (and the ease of
inserting malicious javascript).
In principle, any application that uses SSL and can run untrusted scripts
or be scripted externally could be vulnerable.

* How is Qt addressing the problem?

Qt is disabling SSL compression by default.
The 4.8.4 and 5.0.0 releases of Qt will have this change.
This change is available for cherry-picking from git if you build Qt from
source.

The git changes are as follows:
5.0: 5ea896fbc63593f424a7dfbb11387599c0025c74
4.8: d41dc3e101a694dec98d7bbb582d428d209e5401
4.7: 3488f1db96dbf70bb0486d3013d86252ebf433e0

For older 4.x releases, the 4.7 patch is expected to work.

* How can I protect my application without updating Qt?

For Qt 4.8.0 or later, you can set the default SSL configuration using the
following code:

QSslConfiguration config = QSslConfiguration::defaultConfiguration();
config.setSslOption(QSsl::SslOptionDisableCompression, true);
QSslConfiguration::setDefaultConfiguration(config);

For older Qt versions, unfortunately there is no application level
workaround.

* My application isn't vulnerable, I want to use compressed requests

You can enable compression by default using the following code:
QSslConfiguration config = QSslConfiguration::defaultConfiguration();
config.setSslOption(QSsl::SslOptionDisableCompression, false);
QSslConfiguration::setDefaultConfiguration(config);

* I'm using a custom QSslConfiguration

Review your code.
If you are copying the default configuration and changing some settings
then you are probably protected.
If not, then you should set the option to disable compression appropriately
--
Akseli Salovaara
Software Specialist - Digia, Qt
Visit us on: http://qt.digia.com
 
CD: 4ms