Candidate: Meng Yang
Title: Randomized Lempel-Ziv Compression for Anti-Compression Side-Channel Attacks
Supervisor(s): Gong, Guang
Abstract: Security experts confronts new attacks on TLS/SSL every year. Ever since the compression side-channel attacks CRIME and BREACH were presented during security conferences in 2012 and 2013, online users connecting to HTTP servers that run TLS version 1.2 are susceptible of being impersonated. We set up three Randomized Lempel-Ziv Models, which are built on Lempel-Ziv77, to fight against this attack. Our three models change the deterministic characteristic of the compression algorithm: each compression with the same input gives output of different lengths. After performing a compression side-channel attack simulation, all three models successfully prevented the attack. However, we demonstrate that our randomized models can still be broken by a stronger version of compression side-channel attack after performing simulation.
But this latter attack has a greater time complexity and is easily detectable. Finally, from the results, we conclude that our models couldn't compress as well as Lempel-Ziv77, but they can be used against compression side-channel attacks.