Testing Your SSL Server for CRIME

Bruce Morton

We still have to wait until later this week, when Juliano Rizzo and Thai Duong will present their CRIME SSL/TLS attack at the Ekoparty Security Conference. Regardless, we now know that the attack relies on the implementation of TLS compression or SPDY (pronounced “speedy”).

CRIME exploits the information leakage that occurs when data is compressed before it is encrypted. A man-in-the-middle (MITM) attacker who can observe network traffic and cause the victim’s browser to submit requests can use the CRIME attack to steal the session cookie. With the session cookie, the attacker can hijack the victim’s session.

For the attack to work, TLS compression or SPDY must be supported by both the browser and the Web server. So, if you want to protect your users, please turn off TLS compression and SPDY on your server.

I asked a knowledgeable Web server operator about TLS compression and he wasn’t familiar with the feature. According to Ivan Ristić, SSL Labs tests across the SSL Pulse data set indicate that about 42 percent of the servers support TLS compression. SSL Labs’ tests are not yet complete, but they are also seeing about 0.8 percent support for SPDY. So, you may or may not have TLS compression or SPDY enabled. How do you know?

Here is a quick test. Go to the SSL Labs SSL Server Test site and find out. Once on the site, type in your SSL-protected domain name. In the results, check at the bottom for Compression and Next Protocol Negotiation (SPDY). If both say “No,” the tested site is not susceptible to the CRIME attack. If either says “Yes,” disable TLS compression or SPDY accordingly. According to Ristić, if your server software does not yet support disabling them, it will soon.
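A local version of the same check, added here and not part of the original post, that drives `openssl s_client` instead of the SSL Labs site: it offers TLS compression and the SPDY identifiers to the server and then inspects what was negotiated. It assumes the s_client option names and output line formats noted in the comments (`-comp` exists in OpenSSL 1.1.0 and later and is ignored by builds compiled without compression support; `Next protocol: (1) name` is printed when NPN negotiation succeeds).

```shell
#!/bin/sh
# Added example (not from the post): test a server for the two CRIME
# preconditions, TLS compression and SPDY, using openssl s_client.
#
# classify_s_client reads s_client output on stdin and prints one line,
# "EXPOSED: <reason>" or "OK: no TLS compression, no SPDY".
# Assumed s_client output lines it parses:
#   "Compression: NONE" or "Compression: zlib compression"  (negotiated method)
#   "Next protocol: (1) spdy/3"   (status 1 = OPENSSL_NPN_NEGOTIATED; only
#                                  printed when -nextprotoneg was given)
classify_s_client() {
    out=$(cat)
    comp=$(printf '%s\n' "$out" | sed -n 's/^Compression: *//p' | head -n 1)
    npn=$(printf '%s\n' "$out" | sed -n 's/^Next protocol: *//p' | head -n 1)
    reasons=""
    case "$comp" in
        ""|NONE) ;;                                    # nothing negotiated
        *) reasons="TLS compression negotiated ($comp)" ;;
    esac
    case "$npn" in
        "(1) spdy"*)                                   # status 2 = no overlap
            reasons="${reasons:+$reasons; }SPDY negotiated via NPN (${npn#"(1) "})" ;;
    esac
    if [ -n "$reasons" ]; then
        echo "EXPOSED: $reasons"
        return 1
    fi
    echo "OK: no TLS compression, no SPDY"
    return 0
}

# check_server HOST [PORT]: advertise compression (-comp) and the SPDY NPN
# identifiers so a server that supports either will negotiate it, then
# classify the handshake summary s_client prints.
check_server() {
    host=$1; port=${2:-443}
    openssl s_client -connect "$host:$port" -servername "$host" \
        -comp -nextprotoneg 'spdy/3.1,spdy/3,spdy/2' </dev/null 2>/dev/null \
        | classify_s_client
}

# Usage: check_server www.example.com   (exit status 1 means exposed)
```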

Bruce Morton
Director, Certificate Technology & Standards

Bruce Morton has worked in the public key infrastructure and digital certificate industry for more than 15 years and has focused on SSL and other publicly trusted certificates since 2005. He has been an active member of the CA/Browser Forum that released guidelines for extended validation (EV) certificates and Baseline Requirements for SSL certificates. Bruce oversees the governance and compliance of Entrust’s publicly trusted PKI.

