(a) BEAST (Browser Exploit Against SSL/TLS)

  • By Juliano Rizzo and Thai Duong, 2011 @ ekoparty Security Conference in Buenos Aires, Argentina
  • Decrypts secure cookies protected by CBC-mode ciphers (i.e., AES or 3DES) in TLSv1

Demo and description:
Proof of Concept with JavaScript:

(b) CRIME (Compression Ratio Info-leak Made Easy)

  • By Juliano Rizzo and Thai Duong, 2012 @ ekoparty Security Conference in Buenos Aires, Argentina
  • Leverages a compression side-channel to recover the HTTP request headers
  • Injects partial chosen plaintext (CPA) into a victim’s requests + measures the size of encrypted traffic
  • HTTP-level compression: gzip (RFC 1952), deflate (RFC 1951)
  • Mitigated by disabling TLS/SPDY compression

1. Wiki:
2. Tor and BEAST:
3. Schneier’s Article:
4. Generic attacks with compression:

(c) BREACH (Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext)

  • By Angelo Prado, Neal Harris, and Yoel Gluck, 2013 @ Blackhat 2013
  • CVE-2013-3587
  • Leverages compression, takes advantage of HTTP responses
  • Mitigated by:
    – Disabling HTTP compression
    – Separating secrets from user input
    – Randomizing secrets per request
    – Masking secrets (effectively randomizing by XORing with a random secret per request)
    – Protecting vulnerable pages with CSRF protection
    – Length hiding (by adding random number of bytes to the responses)
    – Rate-limiting the requests
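
The "masking secrets" mitigation above, as an added example (not code from the BREACH authors or from any framework): the server emits `pad || (pad XOR token)` with a fresh random pad per response, so the bytes on the page change every time while the unmasked value stays checkable. The function names, page template, and sample values are assumptions constructed for illustration.

```python
import hmac
import secrets
import zlib
from typing import Optional

def mask_token(token: bytes, pad: Optional[bytes] = None) -> str:
    """Return hex(pad || pad XOR token); a fresh random pad is drawn by default."""
    pad = secrets.token_bytes(len(token)) if pad is None else pad
    if len(pad) != len(token):
        raise ValueError("pad must be as long as the token")
    return (pad + bytes(p ^ t for p, t in zip(pad, token))).hex()

def unmask_token(masked_hex: str) -> bytes:
    """Invert mask_token; raises ValueError on malformed input."""
    raw = bytes.fromhex(masked_hex)
    if not raw or len(raw) % 2:
        raise ValueError("malformed masked token")
    half = len(raw) // 2
    return bytes(p ^ c for p, c in zip(raw[:half], raw[half:]))

def token_is_valid(masked_hex: str, expected: bytes) -> bool:
    """Constant-time check of a submitted masked token against the session token."""
    try:
        return hmac.compare_digest(unmask_token(masked_hex), expected)
    except ValueError:
        return False

def compressed_len(embedded: str, reflected: str) -> int:
    """Compressed size of a constructed page that embeds a secret and reflects input."""
    body = f'<input name="csrf" value="{embedded}"><p>Results for {reflected}</p>'
    return len(zlib.compress(body.encode(), 9))

# Constructed sample values, not real secrets.
TOKEN = bytes.fromhex("3f9a1c7e5b2d4086a1f3c9e7b5d20846")
PAD = bytes.fromhex("c4e17a09d35f8b2660bd914ae8573c1f")  # fixed only to make the demo repeatable
OTHER = "8d0e6b41f7a2c953e4b8071d6c2fa935"  # same length, unrelated to TOKEN

def size_gap(embedded: str) -> int:
    """Bytes by which the page shrinks when the reflected input equals the raw token."""
    return compressed_len(embedded, OTHER) - compressed_len(embedded, TOKEN.hex())

if __name__ == "__main__":
    print("gap, token embedded as-is:", size_gap(TOKEN.hex()))
    print("gap, token masked        :", size_gap(mask_token(TOKEN, PAD)))
```

With the token embedded as-is, the compressed length depends on whether the reflected input matches it; with masking, the raw token never appears in the response, so that dependence disappears.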


1. Wiki:
2. Paper:,%20gone%20in%2030%20seconds.pdf
3. PPT:
4. Source Code: