Akamai Diversity

The Akamai Blog

Take a Byte out of CRIME

On September 21, 2012 at the 8th annual Ekoparty Security Conference in Buenos Aires, Argentina, security researchers Juliano Rizzon and Thai Duong released their latest SSL vulnerability and the accompanying attack tool. Called CRIME (Compression Ratio Info-leak Made Easy), their tool exploits a weakness in the compression algorithm used by encryption protocols SSL/TLS and SPDY.  Similar to the tool the pair released in 2011, BEAST, CRIME is a client-side attack and uses weaknesses in the compression technology to enable an attacker to compromise the encrypted data tunnel between the browser and the origin server. The initial use of the vulnerability has been to steal user application cookies, allowing the attacker to impersonate the end user.

While this vulnerability and tool have gotten much attention in the month leading up to the presentation, the attack is of limited usefulness in reality.  First, the attack requires that the attacker be able to serve malicious traffic to the user and intercept traffic from the user to the web server. Typically this requires being on the same network segment as the targeted system. Second, less than half of servers on the Internet that use SSL/TLS and SPDY have compression enabled. Third, of the major browsers in use, only Chrome and Firefox allowed the use of the compression with SSL/TLS and SPDY when the tool was announced. By the time the tool had been released, all major browsers had been patched and no longer allowed the use of compression with the encryption protocols.

Akamai has reviewed the vulnerability information and as verified that we do not support compression for SSL/TLS on our platform. We do have compression enabled for SPDY, and will be patching to correct the issue at the next available opportunity in the patching cycle. According to Ivan Ristic at Qualys, approximately 7% of browsers were vulnerable to the attack and only .8% of the pages on the Internet support SPDY, making this a low risk vulnerability.

Customers can check themselves with `openssl s_client -connect control.akamai.com:443 < /dev/null |grep Compr`, substituting the site of their choice for control.akamai.com.

For more information on this vulnerability, please read the following articles:
- https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls
- http://www.imperialviolet.org/2012/09/21/crime.html
- http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html

Martin McKeay is a security evangelist at Akamai