Hallett_German

SSL Compression Methods and APM CE

Discussion created by Hallett_German Employee on Oct 28, 2013

This was discovered during a recent case and I am passing it on to the APM Community:

Situation: NOT able to decrypt traffic (Apache web server). The cipher suite is: TLS_RSA_WITH_AES_256_CBC_SHA

Root Cause: Use of “SSL/TLS compression” feature in their environment and TIM/ssldump code analysis found that it doesn’t have support for SSL/TLS Compression for DEFLATE type.

While researching further on SSL/TLS compression feature/implementations, we found that there is a serious security/vulnerability issue with SSL/TLS compression feature raised/observed in September, 2012 that causing serious Crime attacks with this feature. For more details on how to hijack HTTPS sessions with this feature, how/what browser and web server vendors TURN OFF this feature in later versions as part of mitigation activity etc,  please refer the below technical and public links:

https://isecpartners.com/blog/2012/september/details-on-the-crime-attack.aspx

http://www.computerworld.com/s/article/9231281/_CRIME_attack_abuses_SSL_TLS_data_compression_feature_to_hijack_HTTPS_sessions

Interestingly, Microsoft IIS webserver does not support SSL/TLS Compression - even in IIS 7.5/Server 2008 R2 and also Apache did the back port this critical FIX (i.e. turn off) from 2.4 to 2.2.24 due to popular demand by community (http://svn.apache.org/viewvc?view=revision&revision=1400700 ) and also updated the same in Apache mod_ssl documentation about crime attack 

Thanks

Hallett German

CA Technologies Support

Outcomes