Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Compression Oracle Attacks on VPN Networks

Black Hat via YouTube

Overview

Explore compression oracle attacks on VPN networks in this 43-minute Black Hat conference talk. Delve into the vulnerabilities of browser requests and responses tunneling HTTP traffic through VPNs, and investigate potential attacks on ESP Compression and other encryption-based optimizations in tunneled traffic. Learn about compression basics, observe encrypted traffic, and understand the CRIME attack. Examine the setup, requirements, and detection methods for these attacks, with a focus on Chrome and CloudFlare implementations. Gain insights into future attack possibilities, including TimeBreach and TLS VPNs. Conclude with a summary and Q&A session led by speaker Ahamed Nafeez.

Syllabus

Introduction
What is Compression
What Compression means
Compression Oracle Attack
Observing Encrypted Traffic
Crime Massive Code
Future Attacks
Time
Breach
TLS VPNs
The Attack
Requirements
Setup
Chrome
Detection
Compression Oracle
CloudFlare
My Take
Summary
Questions

Taught by

Black Hat

Reviews

Start your review of Compression Oracle Attacks on VPN Networks

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.