├── python ├── flask-ctx │ ├── flask_ctx │ │ ├── __init__.py │ │ ├── tests │ │ │ ├── __init__.py │ │ │ └── context_processor_test.py │ │ └── context_processors.py │ ├── requirements.txt │ ├── MANIFEST.in │ ├── setup.cfg │ ├── AUTHORS │ ├── LICENSE │ ├── setup.py │ └── README.rst ├── django-ctx │ ├── django_ctx │ │ ├── __init__.py │ │ ├── tests │ │ │ ├── __init__.py │ │ │ ├── templates │ │ │ │ ├── variable.html │ │ │ │ ├── permutations.html │ │ │ │ ├── protect.html │ │ │ │ └── full_page.html │ │ │ ├── settings.py │ │ │ └── context_processor_test.py │ │ ├── templatetags │ │ │ ├── __init__.py │ │ │ └── ctx_tags.py │ │ ├── templates │ │ │ └── ctx │ │ │ │ ├── protected.html │ │ │ │ └── permutations.html │ │ └── context_processors.py │ ├── requirements.txt │ ├── MANIFEST.in │ ├── setup.cfg │ ├── AUTHORS │ ├── LICENSE │ ├── setup.py │ └── README.rst └── ctx-defense │ ├── ctx_defense │ ├── tests │ │ ├── __init__.py │ │ ├── permuters_test.py │ │ └── app_test.py │ ├── __init__.py │ ├── permuters.py │ └── app.py │ ├── MANIFEST.in │ ├── setup.cfg │ ├── AUTHORS │ ├── LICENSE │ ├── README.rst │ └── setup.py ├── etc ├── experiments │ ├── requirements.txt │ ├── experiment_library.py │ └── experiment.py ├── Black Hat Europe 2016 │ ├── BH-presentation.pdf │ ├── BH-presentation.pptx │ └── BH-eu2016-CTX.tex └── spec │ └── ARCHITECTURE.md ├── .gitignore ├── nodejs ├── ctx-defense │ ├── spec │ │ ├── run.js │ │ ├── support │ │ │ └── jasmine.json │ │ └── ctxspec.js │ ├── package.json │ ├── README.md │ └── ctx.js └── nodejs-ctx-defense │ ├── spec │ ├── run.js │ ├── support │ │ └── jasmine.json │ └── ctxspec.js │ ├── package.json │ ├── nodejs-ctx-defense.js │ ├── LICENSE │ └── README.md ├── Makefile ├── .travis.yml ├── client ├── bower.json ├── package.json ├── __tests__ │ ├── ctx_example.html │ └── ctx.spec.js ├── my.conf.js └── ctx.js ├── README.md └── LICENSE /python/flask-ctx/flask_ctx/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /python/django-ctx/django_ctx/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /etc/experiments/requirements.txt: -------------------------------------------------------------------------------- 1 | ctx-defense 2 | -------------------------------------------------------------------------------- /python/ctx-defense/ctx_defense/tests/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /python/django-ctx/django_ctx/tests/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /python/flask-ctx/flask_ctx/tests/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /python/django-ctx/django_ctx/templatetags/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /python/flask-ctx/requirements.txt: -------------------------------------------------------------------------------- 1 | Flask>=0.10 2 | ctx-defense 3 | -------------------------------------------------------------------------------- /python/django-ctx/django_ctx/tests/templates/variable.html: -------------------------------------------------------------------------------- 1 | {{ ctx }} 2 | -------------------------------------------------------------------------------- /python/django-ctx/requirements.txt: -------------------------------------------------------------------------------- 1 | Django>=1.9 2 | ctx-defense 3 | nose 4 | -------------------------------------------------------------------------------- /python/ctx-defense/MANIFEST.in: -------------------------------------------------------------------------------- 1 | include AUTHORS 2 | include LICENSE 3 | include README.rst 4 | -------------------------------------------------------------------------------- /python/flask-ctx/MANIFEST.in: -------------------------------------------------------------------------------- 1 | include AUTHORS 2 | include LICENSE 3 | include README.rst 4 | -------------------------------------------------------------------------------- /python/django-ctx/django_ctx/tests/templates/permutations.html: -------------------------------------------------------------------------------- 1 | {% load ctx_tags %}{% ctx_permutations %} 2 | -------------------------------------------------------------------------------- /python/django-ctx/django_ctx/tests/templates/protect.html: -------------------------------------------------------------------------------- 1 | {% load ctx_tags %}{% ctx_protect "secret" "origin" %} 2 | -------------------------------------------------------------------------------- /python/django-ctx/django_ctx/templates/ctx/protected.html: -------------------------------------------------------------------------------- 1 |
{{ permuted }}
2 | -------------------------------------------------------------------------------- /etc/Black Hat Europe 2016/BH-presentation.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/decrypto-org/ctx/HEAD/etc/Black Hat Europe 2016/BH-presentation.pdf -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.tmp 2 | *.swp 3 | *.pyc 4 | *.aux 5 | *.log 6 | node_modules/ 7 | .eggs/ 8 | build/ 9 | *.egg-info/ 10 | dist/ 11 | env/ 12 | -------------------------------------------------------------------------------- /etc/Black Hat Europe 2016/BH-presentation.pptx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/decrypto-org/ctx/HEAD/etc/Black Hat Europe 2016/BH-presentation.pptx -------------------------------------------------------------------------------- /python/ctx-defense/ctx_defense/__init__.py: -------------------------------------------------------------------------------- 1 | from .app import CTX, PermutationUnavailableError 2 | from .permuters import NotAlphabetMemberError 3 | -------------------------------------------------------------------------------- /python/django-ctx/django_ctx/templates/ctx/permutations.html: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /python/django-ctx/django_ctx/tests/templates/full_page.html: -------------------------------------------------------------------------------- 1 | {% load ctx_tags %} 2 | {% ctx_protect "secret" "origin" %} 3 | {% ctx_permutations %} 4 | -------------------------------------------------------------------------------- /python/django-ctx/MANIFEST.in: -------------------------------------------------------------------------------- 1 | include AUTHORS 2 | include LICENSE 3 | include README.rst 4 | 5 | # recursive-include docs * 6 | recursive-include django_ctx/templates * 7 | -------------------------------------------------------------------------------- /python/flask-ctx/setup.cfg: -------------------------------------------------------------------------------- 1 | [metadata] 2 | license-file = LICENSE 3 | 4 | [wheel] 5 | universal = 1 6 | 7 | [egg_info] 8 | tag_build = dev 9 | tag_date = true 10 | -------------------------------------------------------------------------------- /python/ctx-defense/setup.cfg: -------------------------------------------------------------------------------- 1 | [metadata] 2 | license-file = LICENSE 3 | 4 | [wheel] 5 | universal = 1 6 | 7 | [egg_info] 8 | tag_build = dev 9 | tag_date = true 10 | -------------------------------------------------------------------------------- /python/django-ctx/setup.cfg: -------------------------------------------------------------------------------- 1 | [metadata] 2 | license-file = LICENSE 3 | 4 | [wheel] 5 | universal = 1 6 | 7 | [egg_info] 8 | tag_build = dev 9 | tag_date = true 10 | -------------------------------------------------------------------------------- /python/ctx-defense/AUTHORS: -------------------------------------------------------------------------------- 1 | Created and maintained by Dimitris Karakostas. 2 | 3 | Contributors: 4 | - Dimitris Karakostas 5 | - Eva Sarafianou 6 | - Dionysis Zindros 7 | -------------------------------------------------------------------------------- /python/django-ctx/AUTHORS: -------------------------------------------------------------------------------- 1 | Created and maintained by Dimitris Karakostas. 2 | 3 | Contributors: 4 | - Dimitris Karakostas 5 | - Eva Sarafianou 6 | - Dionysis Zindros 7 | -------------------------------------------------------------------------------- /python/flask-ctx/AUTHORS: -------------------------------------------------------------------------------- 1 | Created and maintained by Dimitris Karakostas. 2 | 3 | Contributors: 4 | - Dimitris Karakostas 5 | - Eva Sarafianou 6 | - Dionysis Zindros 7 | -------------------------------------------------------------------------------- /nodejs/ctx-defense/spec/run.js: -------------------------------------------------------------------------------- 1 | Jasmine = require('jasmine'); 2 | const jasmine = new Jasmine(); 3 | 4 | jasmine.loadConfigFile('spec/support/jasmine.json'); 5 | jasmine.execute(); 6 | -------------------------------------------------------------------------------- /nodejs/nodejs-ctx-defense/spec/run.js: -------------------------------------------------------------------------------- 1 | Jasmine = require('jasmine'); 2 | const jasmine = new Jasmine(); 3 | 4 | jasmine.loadConfigFile('spec/support/jasmine.json'); 5 | jasmine.execute(); 6 | -------------------------------------------------------------------------------- /python/django-ctx/django_ctx/context_processors.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | 3 | from ctx_defense import CTX 4 | 5 | 6 | def ctx_protect(request): 7 | return { 8 | 'ctx': CTX() 9 | } 10 | -------------------------------------------------------------------------------- /nodejs/ctx-defense/spec/support/jasmine.json: -------------------------------------------------------------------------------- 1 | { 2 | "spec_dir": "spec", 3 | "spec_files": [ 4 | "**/*[sS]pec.js" 5 | ], 6 | "helpers": [ 7 | "helpers/**/*.js" 8 | ], 9 | "stopSpecOnExpectationFailure": false, 10 | "random": false 11 | } 12 | -------------------------------------------------------------------------------- /nodejs/nodejs-ctx-defense/spec/support/jasmine.json: -------------------------------------------------------------------------------- 1 | { 2 | "spec_dir": "spec", 3 | "spec_files": [ 4 | "**/*[sS]pec.js" 5 | ], 6 | "helpers": [ 7 | "helpers/**/*.js" 8 | ], 9 | "stopSpecOnExpectationFailure": false, 10 | "random": false 11 | } 12 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | all: syntax test 2 | 3 | syntax: 4 | # Syntax check python 5 | find python -iname '*.py'|grep -v '/env/'|xargs pep8 --ignore E501 6 | # Syntax check nodejs 7 | find nodejs -iname "*.js"|grep -v '/node_modules/'|xargs jshint 8 | # Syntax check MD files 9 | mdl --rules ~MD036 etc 10 | test: 11 | cd python/ctx-defense && nosetests 12 | cd python/django-ctx && nosetests 13 | cd python/flask-ctx && nosetests 14 | cd nodejs/ctx-defense && npm run test 15 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: python 2 | sudo: true 3 | install: 4 | - pip install pep8 5 | - nvm install 6.3 6 | - nvm use 6.3 7 | - npm install jshint 8 | - cd nodejs/ctx-defense && npm install && cd ../.. 9 | - cd nodejs/nodejs-ctx-defense && npm install && cd ../.. 10 | - cd python/django-ctx && pip install -r requirements.txt && cd ../.. 11 | - cd python/flask-ctx && pip install -r requirements.txt && cd ../.. 12 | - gem install mdl 13 | script: 14 | - make all 15 | -------------------------------------------------------------------------------- /nodejs/nodejs-ctx-defense/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "nodejs-ctx-defense", 3 | "version": "1.0.1", 4 | "description": "server-side CTX defense against compression attacks in nodejs", 5 | "main": "nodejs-ctx-defense.js", 6 | "scripts": { 7 | "test": "jasmine" 8 | }, 9 | "author": "Eva Sarafianou", 10 | "license": "MIT", 11 | "dependencies": { 12 | "html-escape": "^2.0.0", 13 | "ctx-defense": "^1.0.0" 14 | }, 15 | "devDependencies": { 16 | "jshint": "^2.9.2", 17 | "jasmine": "^2.5.2" 18 | }, 19 | "jshintConfig": { 20 | "esversion": 6 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /client/bower.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ctx-client", 3 | "homepage": "https://github.com/dimkarakostas/ctx", 4 | "authors": [ 5 | "Dionysis Zindros " 6 | ], 7 | "description": "A Javascript client for the CTX side-channel defense", 8 | "main": "ctx.js", 9 | "keywords": [ 10 | "ctx", 11 | "side-channel", 12 | "attack", 13 | "compression", 14 | "breach", 15 | "crime", 16 | "rupture" 17 | ], 18 | "license": "MIT", 19 | "ignore": [ 20 | "**/.*", 21 | "node_modules", 22 | "bower_components", 23 | "test", 24 | "tests" 25 | ] 26 | } 27 | -------------------------------------------------------------------------------- /nodejs/ctx-defense/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ctx-defense", 3 | "version": "1.0.0", 4 | "description": "server-side CTX library for compression defense in nodejs", 5 | "main": "ctx-defense.js", 6 | "homepage": "https://www.ctxdefense.com/", 7 | "scripts": { 8 | "test": "node --harmony spec/run.js" 9 | }, 10 | "author": "Eva Sarafianou", 11 | "license": "MIT", 12 | "dependencies": { 13 | "lodash": "^4.16.2", 14 | "shuffle-array": "^1.0.0" 15 | }, 16 | "devDependencies": { 17 | "jshint": "^2.9.2", 18 | "jasmine": "^2.5.2" 19 | }, 20 | "jshintConfig": { 21 | "esversion": 6 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![Build 2 | Status](https://travis-ci.org/dimkarakostas/ctx.svg?branch=master)](https://travis-ci.org/dimkarakostas/ctx) 3 | 4 | CTX - Context Transformation Extension 5 | ====================================== 6 | 7 | CTX is a cryptographic method that defends against side-channel attacks. 8 | 9 | Authors 10 | ======= 11 | CTX is developed by: 12 | 13 | * Dimitris Karakostas 14 | * Dionysis Zindros 15 | * Eva Sarafianou 16 | 17 | This research is being conducted at the [Cryptography & Security 18 | lab](http://crypto.di.uoa.gr/) at the University of Athens and the National 19 | Technical University of Athens. 20 | 21 | License 22 | ======= 23 | CTX is licensed under MIT. See LICENSE for more information. 24 | -------------------------------------------------------------------------------- /nodejs/nodejs-ctx-defense/nodejs-ctx-defense.js: -------------------------------------------------------------------------------- 1 | const ctx = require('ctx-defense'); 2 | 3 | module.exports = { 4 | createCtxObject: function() { 5 | 6 | let ctxDefense = new ctx(); 7 | return { 8 | ctxProtect: function(secret, origin) { 9 | let protect = ctxDefense.protect(secret, origin); 10 | return '
' + 11 | encodeURIComponent(protect.permuted) + '
'; 12 | }, 13 | ctxPermutations: function() { 14 | let permutations = ctxDefense.getPermutations(); 15 | return ''; 17 | } 18 | }; 19 | } 20 | }; 21 | -------------------------------------------------------------------------------- /client/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ctx-client", 3 | "version": "1.0.0", 4 | "description": "A Javascript client for the CTX side-channel defense", 5 | "main": "ctx.js", 6 | "devDependencies": { 7 | "jasmine": "^2.5.2", 8 | "karma": "^1.3.0", 9 | "karma-chrome-launcher": "^2.0.0", 10 | "karma-cli": "^1.0.1", 11 | "karma-jasmine": "^1.0.2" 12 | }, 13 | "scripts": { 14 | "test": "jasmine" 15 | }, 16 | "repository": { 17 | "type": "git", 18 | "url": "git+https://github.com/dimkarakostas/ctx.git" 19 | }, 20 | "keywords": [ 21 | "ctx", 22 | "side-channel", 23 | "attack", 24 | "compression", 25 | "breach", 26 | "crime", 27 | "rupture" 28 | ], 29 | "author": "Dionysis Zindros", 30 | "license": "MIT", 31 | "bugs": { 32 | "url": "https://github.com/dimkarakostas/ctx/issues" 33 | }, 34 | "homepage": "https://github.com/dimkarakostas/ctx#readme" 35 | } 36 | -------------------------------------------------------------------------------- /client/__tests__/ctx_example.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CTX test 6 | 7 | 8 | 9 | secret1, origin1:
h/XU%40C%2B%40%22Xdar%23D%0AFy%3FR

10 | secret2, origin2:
%5EMF-fmAfVFT%22Jz2%3A%26uUt

11 | secret3, origin3:
%23%095ev%40Yvq5g%22tl%3CPJ%0CX%7D

12 | Permutations:
13 | 14 | 15 | -------------------------------------------------------------------------------- /python/flask-ctx/flask_ctx/context_processors.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | 3 | from ctx_defense import CTX 4 | from json import dumps 5 | from flask import Markup 6 | from urllib import quote 7 | 8 | 9 | def ctx_processor(): 10 | ctx_object = CTX() 11 | 12 | def ctx_protect(secret, origin=None, alphabet=None): 13 | protected_secret = ctx_object.protect(secret, origin, alphabet) 14 | return Markup( 15 | "
{permuted}
".format( 16 | origin_id=protected_secret['origin_id'], 17 | permuted=quote(protected_secret['permuted']) 18 | ) 19 | ) 20 | 21 | def ctx_permutations(): 22 | return Markup( 23 | "".format( 24 | permutations=dumps( 25 | ctx_object.get_permutations() 26 | ) 27 | ) 28 | ) 29 | 30 | return { 31 | 'ctx_protect': ctx_protect, 32 | 'ctx_permutations': ctx_permutations 33 | } 34 | -------------------------------------------------------------------------------- /python/django-ctx/django_ctx/templatetags/ctx_tags.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | 3 | from django import template 4 | from json import dumps 5 | from urllib import quote 6 | 7 | register = template.Library() 8 | 9 | 10 | @register.inclusion_tag('ctx/protected.html', takes_context=True) 11 | def ctx_protect(context, secret, origin=None, alphabet=None): 12 | try: 13 | ctx = context['ctx'] 14 | except KeyError: 15 | raise KeyError('ctx not in Template context. Is the context processor for ctx properly set?') 16 | 17 | protected_secret = ctx.protect(secret, origin, alphabet) 18 | 19 | return { 20 | 'permuted': quote(protected_secret['permuted']), 21 | 'origin_id': protected_secret['origin_id'] 22 | } 23 | 24 | 25 | @register.inclusion_tag('ctx/permutations.html', takes_context=True) 26 | def ctx_permutations(context): 27 | try: 28 | ctx = context['ctx'] 29 | except KeyError: 30 | raise KeyError('ctx not in Template context. Is the context processor for ctx properly set?') 31 | return { 32 | 'permutations': dumps( 33 | ctx.get_permutations() 34 | ) 35 | } 36 | -------------------------------------------------------------------------------- /python/django-ctx/django_ctx/tests/settings.py: -------------------------------------------------------------------------------- 1 | import os 2 | 3 | BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) 4 | SECRET_KEY = '_y^!lq+^sl*fx764zqb*)$_1=n0y^&m+n*%3(fpxipk389g(@z' 5 | DEBUG = True 6 | INSTALLED_APPS = [ 7 | 'django_ctx', 8 | 'django.contrib.auth', 9 | 'django.contrib.contenttypes', 10 | ] 11 | TEMPLATES = [ 12 | { 13 | 'BACKEND': 'django.template.backends.django.DjangoTemplates', 14 | 'DIRS': [os.path.join(BASE_DIR, 'tests', 'templates')], 15 | 'APP_DIRS': True, 16 | 'OPTIONS': { 17 | 'context_processors': [ 18 | 'django.template.context_processors.debug', 19 | 'django.template.context_processors.request', 20 | 'django.contrib.auth.context_processors.auth', 21 | 'django.contrib.messages.context_processors.messages', 22 | 'django_ctx.context_processors.ctx_protect', 23 | ], 24 | }, 25 | }, 26 | ] 27 | DATABASES = { 28 | 'default': { 29 | 'ENGINE': 'django.db.backends.sqlite3', 30 | 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'), 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2016 Crypto Sec Group, University of Athens 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /python/django-ctx/LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2016 Dimitris Karakostas 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /python/ctx-defense/LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2016 Crypto Sec Group, University of Athens 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /python/flask-ctx/LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2016 Crypto Sec Group, University of Athens 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /python/ctx-defense/README.rst: -------------------------------------------------------------------------------- 1 | ctx 2 | ============== 3 | 4 | The CTX defense library. 5 | 6 | Installation 7 | ============ 8 | 9 | - Install the latest stable version using ``pip``: 10 | 11 | ```sh 12 | pip install ctx-defense 13 | ``` 14 | 15 | Basic Usage 16 | =========== 17 | 18 | - Import the CTX class from ctx and initialize the ctx object: 19 | ```python 20 | from ctx_defense import CTX 21 | 22 | ctx_object = CTX() 23 | ``` 24 | 25 | - Protect a secret from an origin with a specific alphabet: 26 | ```python 27 | protected_secret = ctx_object.protect(secret, origin, alphabet) 28 | ``` 29 | 30 | - Retrieve the permutations for all origins: 31 | ```python 32 | permutations = ctx_object.get_permutations() 33 | ``` 34 | 35 | - For more information on the CTX library and the classes it implements visit the defense's [website](https://github.com/dimkarakostas/ctx). 36 | 37 | Example 38 | ======= 39 | 40 | ```python 41 | from ctx_defense import CTX 42 | 43 | secret = 'A secret string' 44 | origin = 'user1' 45 | alphabet = 'ASCII' 46 | 47 | ctx_object = CTX() 48 | protected_secret = ctx_object.protect(secret, origin, alphabet) 49 | permutations = ctx_object.get_permutations() 50 | ``` 51 | -------------------------------------------------------------------------------- /nodejs/nodejs-ctx-defense/LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2016 Crypto Sec Group, University of Athens 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /nodejs/ctx-defense/README.md: -------------------------------------------------------------------------------- 1 | # ctx 2 | 3 | The CTX defense library in javascript. 4 | 5 | ## Installation 6 | 7 | npm install ctx-defense 8 | 9 | ## Basic Usage 10 | * Import the CTX class from ctx and initialize the ctx object: 11 | 12 | ``` 13 | const ctx = require('ctx-defense'); 14 | let ctxObject = new ctx; 15 | ``` 16 | 17 | * Protect a secret from an origin with a specific alphabet: 18 | 19 | ``` 20 | protectedSecret = ctxObject.Protect(secret, origin) 21 | ``` 22 | 23 | The origin parameter is optional. 24 | 25 | * Retrieve the permutations for all origins: 26 | 27 | ``` 28 | permutations = ctxObject.getPermutations(); 29 | ``` 30 | 31 | * For more information about how to use the ctx js library with express-handlebars 32 | visit [here](https://github.com/dimkarakostas/ctx/tree/master/nodejs/express-handlebars-ctx/) 33 | 34 | ### Example 35 | 36 | ``` 37 | const ctx = require('./ctx'); 38 | let secret = 'A secret string'; 39 | let origin = 'user1' 40 | let ctxObject = new ctx; 41 | 42 | let permutation = ctxDefense.protect(secret,origin); 43 | console.log('Permuted secret: ' + permutation.permuted + ' with originId ' + 44 | permutation.origin_id); 45 | 46 | let perm = ctxDefense.getPermutations(); 47 | 48 | ``` 49 | -------------------------------------------------------------------------------- /python/ctx-defense/setup.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | from setuptools import setup, find_packages 4 | 5 | 6 | setup( 7 | name="ctx-defense", 8 | version="1.0.0", 9 | author="Dimitris Karakostas", 10 | author_email="dimit.karakostas@gmail.com", 11 | url="https://github.com/dimkarakostas/ctx", 12 | description="The CTX defense library.", 13 | long_description=open("README.rst").read(), 14 | download_url="https://github.com/dimkarakostas/ctx", 15 | license="MIT", 16 | packages=find_packages(exclude=['ctx_defense.tests']), 17 | test_suite='nose.collector', 18 | tests_require=['nose'], 19 | include_package_data=True, 20 | keywords="ctx defense compression security BREACH", 21 | classifiers=[ 22 | "Development Status :: 3 - Alpha", 23 | "Environment :: Web Environment", 24 | "Intended Audience :: Developers", 25 | "License :: OSI Approved :: MIT License", 26 | "Operating System :: OS Independent", 27 | "Programming Language :: Python", 28 | "Programming Language :: Python :: 2", 29 | "Programming Language :: Python :: 2.7", 30 | "Topic :: Security", 31 | "Topic :: Security :: Cryptography", 32 | ], 33 | zip_safe=False, 34 | ) 35 | -------------------------------------------------------------------------------- /python/ctx-defense/ctx_defense/tests/permuters_test.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | 3 | import ctx_defense.permuters 4 | import unittest 5 | from string import printable 6 | 7 | 8 | class AsciiprintableTestCase(unittest.TestCase): 9 | def setUp(self): 10 | self.permuter = ctx_defense.permuters.AsciiPrintablePermuter() 11 | 12 | def test_permutation(self): 13 | permutation = self.permuter.get_permutation() 14 | self.assertEqual(set(printable), set(permutation)) 15 | 16 | def test_same_secret(self): 17 | secret = 'secret' 18 | permuted_1 = self.permuter.permute(secret) 19 | permuted_2 = self.permuter.permute(secret) 20 | self.assertEqual(permuted_1, permuted_2) 21 | 22 | def test_different_secret(self): 23 | secret_1 = 'secret_1' 24 | secret_2 = 'secret_2' 25 | permuted_1 = self.permuter.permute(secret_1) 26 | permuted_2 = self.permuter.permute(secret_2) 27 | self.assertNotEqual(permuted_1, permuted_2) 28 | 29 | def test_same_permutation_different_secret(self): 30 | secret_1 = '1234' 31 | secret_2 = '4321' 32 | permuted_1 = self.permuter.permute(secret_1) 33 | permuted_2 = self.permuter.permute(secret_2) 34 | self.assertEqual(permuted_1, permuted_2[::-1]) 35 | -------------------------------------------------------------------------------- /python/flask-ctx/setup.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | from setuptools import setup, find_packages 4 | 5 | 6 | setup( 7 | name="flask-ctx", 8 | version="1.0.0", 9 | author="Dimitris Karakostas", 10 | author_email="dimit.karakostas@gmail.com", 11 | url="https://github.com/dimkarakostas/ctx", 12 | description="A simple integration of the CTX defense against side-channel attacks for Flask projects.", 13 | long_description=open("README.rst").read(), 14 | download_url="https://github.com/dimkarakostas/ctx", 15 | license="MIT", 16 | packages=find_packages(exclude=['flask_ctx.tests']), 17 | test_suite='nose.collector', 18 | tests_require=['nose', 'Flask>=0.10', 'ctx-defense'], 19 | include_package_data=True, 20 | keywords="flask ctx defense compression security BREACH", 21 | install_requires=[ 22 | "Flask>=0.10", 23 | "ctx-defense", 24 | ], 25 | classifiers=[ 26 | "Environment :: Web Environment", 27 | "Framework :: Flask", 28 | "Intended Audience :: Developers", 29 | "License :: OSI Approved :: MIT License", 30 | "Operating System :: OS Independent", 31 | "Programming Language :: Python", 32 | "Programming Language :: Python :: 2", 33 | "Programming Language :: Python :: 2.7", 34 | "Topic :: Security", 35 | "Topic :: Security :: Cryptography", 36 | ], 37 | zip_safe=False, 38 | ) 39 | -------------------------------------------------------------------------------- /python/django-ctx/setup.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | from setuptools import setup, find_packages 4 | 5 | 6 | setup( 7 | name="django-ctx", 8 | version="1.0.0", 9 | author="Dimitris Karakostas", 10 | author_email="dimit.karakostas@gmail.com", 11 | url="https://github.com/dimkarakostas/ctx", 12 | description="A simple integration of the CTX defense against side-channel attacks for Django projects.", 13 | long_description=open("README.rst").read(), 14 | download_url="https://github.com/dimkarakostas/ctx", 15 | license="MIT", 16 | packages=find_packages(exclude=['django_ctx.tests']), 17 | test_suite='nose.collector', 18 | tests_require=['nose', 'Django>=1.9', 'ctx-defense'], 19 | include_package_data=True, 20 | keywords="django ctx defense compression security BREACH", 21 | install_requires=[ 22 | "Django>=1.9", 23 | "ctx-defense", 24 | ], 25 | classifiers=[ 26 | "Environment :: Web Environment", 27 | "Framework :: Django", 28 | "Intended Audience :: Developers", 29 | "License :: OSI Approved :: MIT License", 30 | "Operating System :: OS Independent", 31 | "Programming Language :: Python", 32 | "Programming Language :: Python :: 2", 33 | "Programming Language :: Python :: 2.7", 34 | "Topic :: Security", 35 | "Topic :: Security :: Cryptography", 36 | ], 37 | zip_safe=False, 38 | ) 39 | -------------------------------------------------------------------------------- /nodejs/ctx-defense/spec/ctxspec.js: -------------------------------------------------------------------------------- 1 | ctx = require('../ctx'); 2 | 3 | describe('CTX', () => { 4 | 5 | let FakeCTX = new ctx(); 6 | 7 | it('generates unique origin if not defined', () => { 8 | let permuted1 = FakeCTX.protect('secret'); 9 | let permuted2 = FakeCTX.protect('secret'); 10 | let permutations = FakeCTX.getPermutations(); 11 | expect(permutations[permuted1.origin_id]).not.toEqual(permutations[permuted2.origin_id]); 12 | }); 13 | 14 | it('returns the same permutation for different secrets of the same origin', () => { 15 | let permuted1 = FakeCTX.protect('secret','bob'); 16 | let permuted2 = FakeCTX.protect('newsecret','bob'); 17 | let permutations = FakeCTX.getPermutations(); 18 | expect(permuted1.origin_id).toEqual(permuted2.origin_id); 19 | }); 20 | 21 | it('returns the same permutation for the same secret for the same origin', () => { 22 | let permuted1 = FakeCTX.protect('secret','bob'); 23 | let permuted2 = FakeCTX.protect('secret','bob'); 24 | let permutations = FakeCTX.getPermutations(); 25 | expect(permuted1.permuted).toEqual(permuted2.permuted); 26 | }); 27 | 28 | it('returns different permutation for the same secret of different origins', () => { 29 | let permuted1 = FakeCTX.protect('secret','bob'); 30 | let permuted2 = FakeCTX.protect('secret','alice'); 31 | let permutations = FakeCTX.getPermutations(); 32 | expect(permuted1.origin_id).not.toEqual(permuted2.origin_id); 33 | }); 34 | 35 | }); 36 | -------------------------------------------------------------------------------- /nodejs/nodejs-ctx-defense/spec/ctxspec.js: -------------------------------------------------------------------------------- 1 | const {createCtxObject} = require('../nodejs-ctx-defense'); 2 | 3 | describe('nodejs-ctx-defense', () => { 4 | 5 | let ctx; 6 | beforeEach(function() { 7 | ctx = createCtxObject(); 8 | }); 9 | 10 | it('returns a div tag with the permuted secret', () => { 11 | let permuted = ctx.ctxProtect('secret'); 12 | let regex = /
[\x00-\x7F]*<\/div>/; 13 | expect(permuted).toMatch(regex); 14 | }); 15 | 16 | it('returns a script tag with an empty permutations list', () => { 17 | let permutations = ctx.ctxPermutations(); 18 | let regex = /'; 25 | 26 | installElement(fixture); 27 | } 28 | 29 | it('processes the trivial page', function() { 30 | installTranslationTable('[]'); 31 | let before = document.body.innerHTML; 32 | CTX.process(); 33 | let after = document.body.innerHTML; 34 | expect(before).toBe(after); 35 | }); 36 | 37 | it('applies the identity transform', function() { 38 | installElement('
abc
'); 39 | installTranslationTable('["abc"]'); 40 | CTX.process(); 41 | expect(document.getElementById('test').innerHTML).toBe('abc'); 42 | }); 43 | 44 | it('applies a simple transform', function() { 45 | installElement('
aaabbbccc
'); 46 | installTranslationTable('["cba"]'); 47 | CTX.process(); 48 | expect(document.getElementById('test').innerHTML).toBe('cccbbbaaa'); 49 | }); 50 | 51 | afterEach(function() { 52 | document.body.removeElement(document.getElementById('fixture')); 53 | }); 54 | }); 55 | */ 56 | -------------------------------------------------------------------------------- /client/my.conf.js: -------------------------------------------------------------------------------- 1 | // Karma configuration 2 | // Generated on Tue Sep 27 2016 18:21:25 GMT+0300 (EEST) 3 | 4 | module.exports = function(config) { 5 | config.set({ 6 | 7 | // base path that will be used to resolve all patterns (eg. files, exclude) 8 | basePath: '', 9 | 10 | 11 | // frameworks to use 12 | // available frameworks: https://npmjs.org/browse/keyword/karma-adapter 13 | frameworks: ['jasmine'], 14 | 15 | 16 | // list of files / patterns to load in the browser 17 | files: [ 18 | '__tests__/*.js', 19 | '*.js' 20 | ], 21 | 22 | 23 | // list of files to exclude 24 | exclude: [ 25 | ], 26 | 27 | 28 | // preprocess matching files before serving them to the browser 29 | // available preprocessors: https://npmjs.org/browse/keyword/karma-preprocessor 30 | preprocessors: { 31 | }, 32 | 33 | 34 | // test results reporter to use 35 | // possible values: 'dots', 'progress' 36 | // available reporters: https://npmjs.org/browse/keyword/karma-reporter 37 | reporters: ['progress'], 38 | 39 | 40 | // web server port 41 | port: 9876, 42 | 43 | 44 | // enable / disable colors in the output (reporters and logs) 45 | colors: true, 46 | 47 | 48 | // level of logging 49 | // possible values: config.LOG_DISABLE || config.LOG_ERROR || config.LOG_WARN || config.LOG_INFO || config.LOG_DEBUG 50 | logLevel: config.LOG_INFO, 51 | 52 | 53 | // enable / disable watching file and executing tests whenever any file changes 54 | autoWatch: true, 55 | 56 | 57 | // start these browsers 58 | // available browser launchers: https://npmjs.org/browse/keyword/karma-launcher 59 | browsers: ['Chrome'], 60 | 61 | 62 | // Continuous Integration mode 63 | // if true, Karma captures browsers, runs the tests and exits 64 | singleRun: false, 65 | 66 | // Concurrency level 67 | // how many browser should be started simultaneous 68 | concurrency: Infinity 69 | }) 70 | } 71 | -------------------------------------------------------------------------------- /python/flask-ctx/README.rst: -------------------------------------------------------------------------------- 1 | flask-ctx 2 | ============== 3 | 4 | A simple integration of the CTX defense against side-channel attacks for Flask projects. 5 | 6 | Requirements 7 | ============ 8 | 9 | - Python 2.5+ 10 | - Flask 0.10+ 11 | - ctx-defense 12 | 13 | Installation 14 | ============ 15 | 16 | - Install the latest stable version using ``pip``: 17 | 18 | ```sh 19 | pip install flask-ctx 20 | ``` 21 | 22 | Configuration 23 | ============= 24 | 25 | - Import the *ctx_processor* function from ctx's context processors: 26 | ```python 27 | from flask_ctx.context_processors import ctx_processor 28 | ``` 29 | 30 | - Add the *ctx_processor* in the application's context processors: 31 | ```python 32 | app.context_processor(ctx_processor) 33 | ``` 34 | 35 | Basic Usage 36 | =========== 37 | 38 | - Use the *ctx_protect* function to use ctx on secrets: 39 | ```html 40 | {{ ctx_protect(secret, origin, alphabet) }} 41 | ``` 42 | 43 | *secret* is a string containing the secret that needs to be protected and *origin* 44 | is a string uniquely identifying the CTX origin for the secret. *alphabet* is 45 | an optional argument to define the alphabet that the secret belongs to, default 46 | being the [ASCII_printable](https://docs.python.org/2/library/string.html#string.printable) characters. 47 | 48 | - Add the *ctx_permutations* function to include the used permutations for each 49 | origin: 50 | ```html 51 | {{ ctx_permutations() }} 52 | ``` 53 | 54 | The *ctx_permutations* function needs to run after all *ctx_protect* calls 55 | that use an origin for the first time. It is proposed that it is included 56 | before the ** HTML tag. 57 | 58 | - Include the ctx *client script* in the template: 59 | ```html 60 | 61 | ``` 62 | 63 | Example 64 | ======= 65 | 66 | ```html 67 | 68 | 69 | 70 | 71 | 72 | 73 | flask-ctx Example 74 | 75 | 76 | 77 | This is a very sensitive secret: {{ ctx_protect("a secret", "origin1") }} 78 | This is another very sensitive secret: {{ ctx_protect("another secret", "origin2") }} 79 | 80 | {{ ctx_permutations() }} 81 | 82 | 83 | 84 | 85 | ``` 86 | -------------------------------------------------------------------------------- /python/django-ctx/django_ctx/tests/context_processor_test.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | 3 | import os 4 | import re 5 | 6 | from django import setup 7 | from django.test import TestCase 8 | from django.test.client import RequestFactory 9 | from django.template.response import TemplateResponse 10 | 11 | from string import printable 12 | 13 | os.environ.setdefault("DJANGO_SETTINGS_MODULE", "django_ctx.tests.settings") 14 | setup() 15 | 16 | 17 | class BaseTestCase(TestCase): 18 | def setUp(self): 19 | self.reqfactory = RequestFactory() 20 | 21 | 22 | class CtxprocessorTestCase(BaseTestCase): 23 | def test_context_variable(self): 24 | req = self.reqfactory.get('/') 25 | res = TemplateResponse(req, 'variable.html', {}) 26 | res.render() 27 | regex = r"<ctx_defense\.app\.CTX object at 0x[0-9a-f]*>" 28 | self.assertTrue( 29 | re.match(regex, res.rendered_content) 30 | ) 31 | 32 | 33 | class AsciiprintableTestCase(BaseTestCase): 34 | def test_protect_tag(self): 35 | req = self.reqfactory.get('/') 36 | res = TemplateResponse(req, 'protect.html', {}) 37 | regex = r"(
)([{p}]*)(
)\n\n".format(p=re.escape(printable)) 38 | self.assertTrue( 39 | re.match(regex, res.rendered_content) 40 | ) 41 | 42 | def test_permutations_tag(self): 43 | req = self.reqfactory.get('/') 44 | res = TemplateResponse(req, 'permutations.html', {}) 45 | regex = r"( 73 | ``` 74 | 75 | Example 76 | ======= 77 | ```html 78 | 79 | 80 | 81 | 82 | 83 | 84 | django-ctx Example 85 | 86 | 87 | 88 | {% load ctx_tags %} 89 | 90 | This is a very sensitive secret from origin1: {% ctx_protect "my secret" "origin1" %} 91 | This is another very sensitive secret from origin2: {% ctx_protect "my other secret" "origin2" "ASCII_printable" %} 92 | 93 | {% ctx_permutations %} 94 | 95 | 96 | 97 | 98 | ``` 99 | -------------------------------------------------------------------------------- /client/ctx.js: -------------------------------------------------------------------------------- 1 | /* Generic base CTX library. 2 | * Exposes CTX inverse permutation for client-side processing. */ 3 | 4 | let CTX = { 5 | unpermute: function(permutation, permuted) { 6 | // console.log('Unpermuting "' + permuted + '"\ 7 | // by reversing permutation "' + permutation + '"'); 8 | let secretAlphabet = permutation.split('').slice(); 9 | secretAlphabet.sort(); 10 | 11 | let secret = ''; 12 | let inversePermutationMap = {}; 13 | 14 | // inversePermutationMap = _.zipObject(permutation, secretAlphabet) 15 | for (let i = 0; i < secretAlphabet.length; ++i) { 16 | inversePermutationMap[permutation[i]] = secretAlphabet[i]; 17 | } 18 | 19 | for (let i = 0; i < permuted.length; ++i) { 20 | secret += inversePermutationMap[permuted[i]]; 21 | } 22 | 23 | return secret; 24 | }, 25 | }; 26 | 27 | /* HTML-specific CTX library. 28 | * Applies the inverse CTX permutation on HTML secrets stored in div tags. 29 | * Reads forward permutation table from application/json. */ 30 | let CTXHTML = { 31 | permutations: [], 32 | _unpermuteElement: function(element) { 33 | let idx = element.dataset.ctxOrigin; 34 | 35 | if (idx >= this.permutations.length) { 36 | // console.log('CTX: Invalid permutation index: ' + idx + '. Skipping.'); 37 | return; 38 | } 39 | 40 | let permutation = this.permutations[idx]; 41 | let permuted = element.innerHTML; 42 | // console.log('Permuted secret: ', permuted); 43 | permuted = decodeURIComponent(permuted); 44 | // console.log('Decoded permuted secret: ', permuted); 45 | let secret = CTX.unpermute(permutation, permuted); 46 | element.innerHTML = secret; 47 | }, 48 | _getPermutedElements: function() { 49 | return document.querySelectorAll('div[data-ctx-origin]'); 50 | }, 51 | _getPermutations: function() { 52 | let permutationsElement = document.getElementById('ctx-permutations'); 53 | 54 | if (permutationsElement == null) { 55 | throw 'CTX: No permutation translation table is available. Aborting.' 56 | } 57 | this.permutations = JSON.parse(permutationsElement.textContent); 58 | // console.log('Recovered permutations table:'); 59 | // console.log(this.permutations); 60 | }, 61 | process: function() { 62 | this._getPermutations(); 63 | let elements = this._getPermutedElements(); 64 | 65 | for (let i = 0; i < elements.length; ++i) { 66 | this._unpermuteElement(elements[i]); 67 | } 68 | } 69 | }; 70 | 71 | document.addEventListener('DOMContentLoaded', CTXHTML.process.bind(CTXHTML)); 72 | -------------------------------------------------------------------------------- /nodejs/ctx-defense/ctx.js: -------------------------------------------------------------------------------- 1 | const shuffle = require('shuffle-array'), 2 | _ = require('lodash'); 3 | 4 | class AsciPrintable { 5 | constructor() { 6 | this.alphabet = []; 7 | this.permuter = []; 8 | this.dict = {}; 9 | 10 | let asciiSpecialStart = 9; 11 | let asciiSpecialStop = 13; 12 | 13 | let asciiStart = 32; 14 | let asciiStop = 126; 15 | 16 | //alphabet array contains all ASCII symbols 17 | for (let i = asciiSpecialStart; i <= asciiSpecialStop; i++) { 18 | this.alphabet.push(String.fromCharCode(i)); 19 | } 20 | 21 | for (let i = asciiStart; i <= asciiStop; i++) { 22 | this.alphabet.push(String.fromCharCode(i)); 23 | } 24 | 25 | this.permuter = shuffle(this.alphabet.slice()); 26 | this.dict = _.zipObject(this.alphabet, this.permuter); 27 | } 28 | 29 | getPermutation() { 30 | return this.permuter.join(''); 31 | } 32 | 33 | permute(secret) { 34 | let permSecret = _.map(secret, (secretChar) => { 35 | return this.dict[secretChar]; 36 | }); 37 | return permSecret.join(''); 38 | } 39 | } 40 | 41 | class CTX { 42 | constructor() { 43 | this.permuters = []; 44 | this.origins = {}; 45 | } 46 | 47 | getPermutations() { 48 | let allpermuters = []; 49 | for (let i = 0; i < this.permuters.length; i++) { 50 | allpermuters[i] = this.permuters[i].getPermutation(); 51 | } 52 | return allpermuters; 53 | } 54 | 55 | protect(secret, origin) { 56 | let permuter; 57 | let originId; 58 | 59 | try{ 60 | if (typeof secret === 'undefined') throw 'Secret not set'; 61 | } 62 | catch(err) { 63 | console.log(err); 64 | return; 65 | } 66 | 67 | if (typeof origin === 'undefined') { 68 | do { 69 | let possible = 'abcdefghijklmnopqrstuvwxyz'; 70 | for (let i = 0; i < 10; i++) 71 | origin += possible.charAt(Math.floor(Math.random() * possible.length)); 72 | } while (typeof this.origins[origin] !== 'undefined'); 73 | } 74 | 75 | if (typeof this.origins[origin] !== 'undefined') { 76 | originId = this.origins[origin]; 77 | permuter = this.permuters[originId]; 78 | } 79 | else { 80 | permuter = new AsciPrintable(); 81 | originId = this.permuters.length; 82 | this.origins[origin] = originId; 83 | this.permuters.push(permuter); 84 | } 85 | 86 | let permuted = permuter.permute(secret); 87 | return { 88 | 'origin_id': originId, 89 | 'permuted': permuted 90 | }; 91 | } 92 | } 93 | 94 | module.exports = CTX; 95 | -------------------------------------------------------------------------------- /etc/experiments/experiment_library.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | 3 | import os 4 | import random 5 | import gzip 6 | import string 7 | from time import time 8 | from json import dumps 9 | from cgi import escape 10 | from random import shuffle 11 | 12 | from ctx_defense import CTX 13 | 14 | BASE_DIR = os.path.dirname(os.path.abspath(__file__)) 15 | RESULTS_DIR = os.path.join(BASE_DIR, 'results') 16 | if not os.path.exists(RESULTS_DIR): 17 | os.makedirs(RESULTS_DIR) 18 | 19 | ENGLISH_TEXT = 'cleared_social_network' 20 | 21 | 22 | def ctx_protect(ctx_object, secret, origin=None, alphabet=None): 23 | protected_secret = ctx_object.protect(secret, origin, alphabet) 24 | return "
{permuted}
".format( 25 | origin_id=protected_secret['origin_id'], 26 | permuted=escape(protected_secret['permuted']) 27 | ) 28 | 29 | 30 | def ctx_permutations(ctx_object): 31 | return "".format( 32 | permutations=dumps( 33 | ctx_object.get_permutations() 34 | ) 35 | ) 36 | 37 | 38 | def create_random_secret(length): 39 | return ''.join([random.choice(string.printable) for _ in range(length)]) 40 | 41 | 42 | def create_printable_secret(length): 43 | alphabet_list = list(string.printable) 44 | shuffle(alphabet_list) 45 | alphabet = ''.join(alphabet_list) 46 | secret = '' 47 | while len(secret) < length: 48 | secret += alphabet[len(secret) % len(alphabet)] 49 | return secret 50 | 51 | 52 | def create_english_secret(length): 53 | with open(ENGLISH_TEXT, 'r') as f: 54 | english_text = f.read() 55 | secret_start = random.randint(0, len(english_text)-length) 56 | return english_text[secret_start:secret_start+length] 57 | 58 | 59 | def test(origin_len, secret_len, secrets_per_origin=1, mode='random'): 60 | create_secret = { 61 | 'random': create_random_secret, 62 | 'printable': create_printable_secret, 63 | 'english': create_english_secret, 64 | } 65 | origins = ['origin'+str(i) for i in range(origin_len)] 66 | aggr = [] 67 | for i, _ in enumerate(origins): 68 | for _ in range(secrets_per_origin): 69 | aggr.append( 70 | (create_secret[mode](secret_len), origins[i]) 71 | ) 72 | 73 | t = time() 74 | c = CTX() 75 | protected = [] 76 | for item in aggr: 77 | protected.append(ctx_protect(c, item[0], item[1])) 78 | protected.append(ctx_permutations(c)) 79 | return time() - t, protected, [a[0] for a in aggr] 80 | 81 | 82 | def file_write(identification, lst): 83 | with open(os.path.join(RESULTS_DIR, identification), 'w') as f: 84 | f.write(''.join(lst)) 85 | 86 | 87 | def zip_file_write(identification, lst): 88 | with gzip.open(os.path.join(RESULTS_DIR, '{}.gz'.format(identification)), 'wb') as f: 89 | f.write(''.join(lst)) 90 | -------------------------------------------------------------------------------- /python/ctx-defense/ctx_defense/app.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | 3 | from random import choice 4 | from string import ascii_lowercase 5 | from copy import deepcopy 6 | from permuters import AsciiPrintablePermuter 7 | 8 | 9 | class PermutationUnavailableError(Exception): 10 | '''Custom exception to handle cases when the secret alphabet parameter for CTX 11 | initialization does not correspond to an implemented permuter.''' 12 | pass 13 | 14 | 15 | class CTX(object): 16 | '''The CTX defense class. Maintains the state of all generated permutations 17 | per origin and uses permuters for permutations on secret alphabets. 18 | 19 | Implements the following interface: 20 | available_permuters: Dictionary that defines the 21 | implemented permuters. The keys are strings that 22 | identify the secret alphabet and the values are classes that implement 23 | the following interface: 24 | get_permutation(), permute(secret). 25 | get_permutations(): Returns a list of strings, the i-th string being the 26 | generated permutation for the origin with origin_id = i. 27 | protect(secret, , ): Accepts one to three string 28 | parameters. If no *origin* is given, a random identifier of 10 29 | lowercase letters is generated. If no *secret_alphabet* is given, 30 | *ASCII_printable* is used by default. Applies the permutation that 31 | was generated for the *origin* on the *secret*. If *protect* is 32 | called for the first time for the *origin*, *secret_alphabet* must 33 | be set and exist in the keys of *available_permutation_permuters*. 34 | In this case, a permutation is generated for the *origin*. Returns 35 | a dictionary with the following fields: 36 | origin_id: An integer that identifies the *origin*. 37 | permuted: A string containing the permuted secret.''' 38 | available_permuters = { 39 | 'ASCII_printable': AsciiPrintablePermuter 40 | } 41 | 42 | def __init__(self): 43 | self._permuters = [] 44 | self._permutations = [] 45 | self._origins = {} 46 | 47 | def get_permutations(self): 48 | return deepcopy(self._permutations) 49 | 50 | def protect(self, secret, origin=None, secret_alphabet=None): 51 | if type(secret) != str: 52 | secret = str(secret) 53 | try: 54 | if origin and type(origin) != str: 55 | origin = str(origin) 56 | origin_id = self._origins[origin] 57 | permuter = self._permuters[origin_id] 58 | except KeyError: 59 | try: 60 | if not secret_alphabet: 61 | secret_alphabet = 'ASCII_printable' 62 | permuter = self.available_permuters[secret_alphabet]() 63 | except KeyError: 64 | raise PermutationUnavailableError('Permuter for given alphabet is not available.') 65 | origin_id = len(self._permuters) 66 | while not origin or origin in self._origins: 67 | origin = ''.join(choice(ascii_lowercase) for _ in range(10)) 68 | self._origins[origin] = origin_id 69 | self._permuters.append(permuter) 70 | self._permutations.append(permuter.get_permutation()) 71 | 72 | return { 73 | 'origin_id': origin_id, 74 | 'permuted': permuter.permute(secret) 75 | } 76 | -------------------------------------------------------------------------------- /etc/experiments/experiment.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | 3 | import os 4 | import gzip 5 | from experiment_library import test, zip_file_write, file_write, RESULTS_DIR 6 | 7 | 8 | TEST_PAGE = 'cleared_youtube' 9 | with open(TEST_PAGE, 'r') as f: 10 | TOTAL = len(f.read()) 11 | with gzip.open(TEST_PAGE + '.gz', 'w') as f: 12 | with open(TEST_PAGE, 'r') as g: 13 | total = g.read() 14 | f.write(total) 15 | with open(TEST_PAGE + '.gz', 'r') as f: 16 | TOTAL_ZIP = len(f.read()) 17 | 18 | ORIGIN_LEN = 50 19 | SECRETS_PER_ORIGIN = 1 20 | RATE = 0.01 21 | 22 | 23 | def general_info(experiment_name, mode): 24 | info = [] 25 | info.append('=======CTX Benchmark=======\n') 26 | info.append('Total length: {}'.format(TOTAL)) 27 | info.append('Total zipped length: {}'.format(TOTAL_ZIP)) 28 | info.append('Origins: {}'.format(ORIGIN_LEN)) 29 | info.append('Secrets per origin: {}'.format(SECRETS_PER_ORIGIN)) 30 | info.append('Mode: {}'.format(mode)) 31 | info.append('Rate: {}'.format(RATE)) 32 | info.append('EXPERIMENT: {}'.format(experiment_name)) 33 | info.append('\n') 34 | return '\n'.join(info) 35 | 36 | 37 | def experiment_info(identification, total, t, mode, experiment_name): 38 | with open(os.path.join(RESULTS_DIR, '{}_{}_{}_unprotected_total'.format(mode, identification, experiment_name)), 'r') as f: 39 | unprotected_total = len(f.read()) 40 | with open(os.path.join(RESULTS_DIR, '{}_{}_{}_total'.format(mode, identification, experiment_name)), 'r') as f: 41 | protected_total = len(f.read()) 42 | with open(os.path.join(RESULTS_DIR, '{}_{}_{}_unprotected_total.gz'.format(mode, identification, experiment_name)), 'r') as f: 43 | unprotected_total_zip = len(f.read()) 44 | with open(os.path.join(RESULTS_DIR, '{}_{}_{}_total.gz'.format(mode, identification, experiment_name)), 'r') as f: 45 | protected_total_zip = len(f.read()) 46 | overhead = '%sOverhead: %.5f | %d' % ( 47 | str(identification) + ' '*(10-len(str(identification))), 48 | (protected_total-unprotected_total)/float(unprotected_total), 49 | protected_total-unprotected_total, 50 | ) 51 | overhead_zip = '%sOverhead zipped: %.5f | %d' % ( 52 | str(identification) + ' '*(10-len(str(identification))), 53 | (protected_total_zip-unprotected_total_zip)/float(unprotected_total_zip), 54 | protected_total_zip-unprotected_total_zip 55 | ) 56 | time = '%stime: %.5f' % ( 57 | str(identification) + ' '*(10-len(str(identification))), 58 | t 59 | ) 60 | return { 61 | 'overhead': overhead, 62 | 'overhead_zip': overhead_zip, 63 | 'time': time, 64 | } 65 | 66 | EXPERIMENTS = [ 67 | ('rate', [(0.001*i, 0.001*i, SECRETS_PER_ORIGIN, TOTAL, ORIGIN_LEN) for i in range(1, 50, 1)]), 68 | ('secret_per_origin', [(i, RATE, i, TOTAL, ORIGIN_LEN) for i in range(1, 50, 1)]), 69 | ('total', [(TOTAL/i, RATE, SECRETS_PER_ORIGIN, TOTAL/i, ORIGIN_LEN) for i in range(50, 0, -1)]), 70 | ('origins', [(i, RATE, SECRETS_PER_ORIGIN, TOTAL, i) for i in range(1, 50, 1)]), 71 | ] 72 | 73 | MODES = [ 74 | 'english', 75 | 'printable', 76 | 'random' 77 | ] 78 | 79 | for mode in MODES: 80 | for experiment in EXPERIMENTS: 81 | experiment_name = experiment[0] 82 | experiment_stats = experiment[1] 83 | info = '' 84 | 85 | info += general_info(experiment_name, mode) 86 | overhead = [] 87 | overhead_zip = [] 88 | time = [] 89 | 90 | for i in experiment_stats: 91 | identification = i[0] 92 | rate = i[1] 93 | secrets_per_origin = i[2] 94 | total = i[3] 95 | origin_len = i[4] 96 | 97 | origins = int(origin_len/secrets_per_origin) 98 | secret_len = int((rate*total) / (origins*secrets_per_origin)) 99 | 100 | with open(TEST_PAGE, 'r') as f: 101 | cleared = f.read()[:total] 102 | 103 | t, protected, secrets = test(origins, secret_len, secrets_per_origin, mode) 104 | 105 | blueprint = cleared[:-1*len(''.join(secrets))] 106 | 107 | aggr = blueprint + ''.join(secrets) 108 | unp = len(aggr) 109 | file_write('{}_{}_{}_unprotected_total'.format(mode, identification, experiment_name), aggr) 110 | zip_file_write('{}_{}_{}_unprotected_total'.format(mode, identification, experiment_name), aggr) 111 | 112 | aggr = blueprint + ''.join(protected) 113 | p = len(aggr) 114 | file_write('{}_{}_{}_total'.format(mode, identification, experiment_name), aggr) 115 | zip_file_write('{}_{}_{}_total'.format(mode, identification, experiment_name), aggr) 116 | 117 | i = experiment_info(identification, total, t, mode, experiment_name) 118 | 119 | overhead.append(i['overhead']) 120 | overhead_zip.append(i['overhead_zip']) 121 | time.append(i['time']) 122 | 123 | info += '\n'.join(overhead) 124 | info += '\n' 125 | info += '\n'.join(overhead_zip) 126 | info += '\n' 127 | info += '\n'.join(time) 128 | 129 | with open(os.path.join(RESULTS_DIR, '{}_{}_{}_{}_{}_info'.format(experiment_name, TOTAL, mode, ORIGIN_LEN, SECRETS_PER_ORIGIN)), 'w') as f: 130 | f.write(info) 131 | 132 | print info 133 | -------------------------------------------------------------------------------- /nodejs/nodejs-ctx-defense/README.md: -------------------------------------------------------------------------------- 1 | # nodejs-ctx-defense 2 | 3 | A simple integration of the CTX defence for nodejs projects. 4 | It has been tested for the following: 5 | * Express/express-Handlebars 6 | * Express/pug(jade) 7 | * Express/EJS 8 | * Koa/koa-pug 9 | 10 | ## Installation 11 | 12 | Run ``` npm install --save nodejs-ctx-defense ``` 13 | 14 | ## Basic Usage for an Express-Handlerbars project 15 | 16 | Import *nodejs-ctx-defense* to your Express project 17 | 18 | ```{createCtxObject} = require('./nodejs-ctx-defense');``` 19 | initialise the ctxObject 20 | 21 | ``` 22 | let CtxObject = createCtxObject(); 23 | ``` 24 | and add ctxProtect and ctxPermutations in your helpers: 25 | 26 | ``` 27 | helpers: { 28 | ctxProtect: CtxObject.ctxProtect, 29 | ctxPermutations: CtxObject.ctxPermutations 30 | } 31 | ``` 32 | 33 | Use *ctxProtect* helper in your Handlebars template to use ctx on secrets: 34 | 35 | ```html 36 | {{ ctxProtect 'a secret' 'an origin' }}} 37 | ``` 38 | 39 | *secret* is a string containing the secret that needs to be protected and 40 | *origin* is a string uniquely identifying the CTX origin for the secret. 41 | 42 | 43 | Add the *ctxPermutations* helper in your Handlebars template 44 | to include the used permutations for each origin: 45 | ```html 46 | {{ ctxPermutations }} 47 | ``` 48 | 49 | The *ctxPermutations* helper needs to be included after all *ctxProtect* 50 | helpers that use an origin for the first time. It is proposed that it is 51 | included before the ** HTML tag. 52 | 53 | Include the client ctx script tag before the ** HTML tag: 54 | 55 | ``` 56 | 147 | 148 | 149 | ``` 150 | 151 | ## Basic Usage for an Express/pug(jade) project 152 | 153 | Import *nodejs-ctx-defense* to your Express/pug project, 154 | 155 | ``` {createCtxObject} = require('./nodejs-ctx-defense'); ``` 156 | 157 | initialise the ctxObject inside app.get 158 | 159 | ``` 160 | let CtxObject = createCtxObject(); 161 | ``` 162 | and add ctxProtect and ctxPermutations in your app.locals 163 | 164 | ``` 165 | app.locals.ctxProtect = ctxObject.ctxProtect; 166 | app.locals.ctxPermutations = ctxPermutations; 167 | ``` 168 | 169 | Use *ctxProtect* to your pug templates to use ctx on secrets: 170 | 171 | ```html 172 | div ctxProtect('a secret' 'an origin') 173 | ``` 174 | 175 | *secret* is a string containing the secret that needs to be protected and 176 | *origin* is a string uniquely identifying the CTX origin for the secret. 177 | 178 | 179 | Add the *ctxPermutations* to your pug templates to 180 | to include the used permutations for each origin: 181 | ```html 182 | div=ctxPermutations() 183 | ``` 184 | 185 | The *ctxPermutations* helper needs to be included after all *ctxProtect* 186 | helpers that use an origin for the first time. It is proposed that it is 187 | included before the ** HTML tag. 188 | 189 | ### Example 190 | 191 | app.js 192 | 193 | ``` 194 | const express = require('express'), 195 | pug = require('pug'), 196 | {createCtxObject} = require('nodejs-ctx-defense'); 197 | 198 | let app = express(); 199 | 200 | app.set('view engine', 'pug'); 201 | 202 | app.get('/', function (req, res) { 203 | let ctxObject = createCtxObject() 204 | app.locals.ctxProtect = ctxObject.ctxProtect; 205 | app.locals.ctxPermutations = ctxObject.ctxPermutations; 206 | res.render('index', { 207 | }); 208 | }); 209 | 210 | app.listen(3000); 211 | ``` 212 | 213 | 214 | /view/index.pug 215 | 216 | ``` 217 | Html 218 | Head 219 | title pug ctx exapmle 220 | Body 221 | div secret1 from user1 222 | div!=ctxProtect('lorem ipsum', 'user1') 223 | div secret1 from user1 224 | div!=ctxProtect('dolor sit amet', 'user1') 225 | div secret2 from user2 226 | div!=ctxProtect('Lorem ipsum dolor sit amet',o 'user2') 227 | div!=ctxPermutations() 228 | ``` 229 | 230 | ### Basic Usage in Express/EJS projects 231 | 232 | Import *nodejs-ctx-defense* to your Express/EJS project, initialise ctxObject and 233 | add ctxProtect and ctxPermutations in your app.locals, 234 | as decribed for the Express/Jade projects. 235 | 236 | Add ctxProtect tag in your EJS template 237 | 238 | ``` 239 | <%- ctxProtect('secret', 'origin') %> 240 | ``` 241 | 242 | and ctxPermutations tag before 243 | 244 | ``` 245 | <%- ctxPermutations() %> 246 | ``` 247 | 248 | ### Basic Usage in Koa/koa-pug projects 249 | 250 | Import *nodejs-ctx-defense* to your Koa/koa-pug project, 251 | 252 | ``` {createCtxObject} = require('nodejs-ctx-defense'); ``` 253 | 254 | initialise the ctxObject inside app.use 255 | 256 | ``` 257 | let CtxObject = createCtxObject(); 258 | ``` 259 | and add ctxProtect and ctxPermutations in your pug.locals 260 | 261 | ``` 262 | pug.locals.ctxProtect = ctxObject.ctxProtect; 263 | pug.locals.ctxPermutations = ctxPermutations; 264 | ``` 265 | The tag in the pug template are the same as metioned above 266 | for the Express/pug projects 267 | 268 | 269 | #### Example 270 | 271 | app.js 272 | 273 | ``` 274 | const koa = require('koa'), 275 | router = require('koa-route'), 276 | Pug = require('koa-pug'), 277 | {createCtxObject} = require('nodejs-ctx-defense'); 278 | 279 | const app = koa() 280 | 281 | const pug = new Pug({ 282 | viewPath: './views', 283 | app: app 284 | }) 285 | 286 | app.use(router.get('/', function* () { 287 | let ctxObject = createCtxObject(); 288 | pug.locals.ctxProtect = ctxObject.ctxProtect; 289 | pug.locals.ctxPermutations = ctxObject.ctxPermutations; 290 | this.render('index', true) 291 | })); 292 | app.listen(3000); 293 | ``` 294 | 295 | -------------------------------------------------------------------------------- /etc/spec/ARCHITECTURE.md: -------------------------------------------------------------------------------- 1 | CTX, Context Transformation Extension, is a cryptographic method which defends 2 | against BREACH, CRIME, TIME, and generally any compression side-channel attack. 3 | CTX uses context hiding in a per-origin manner to separate secrets from 4 | different origins in order to avoid cross-compressibility. 5 | 6 | Compression side-channel attacks is a domain that evolved greatly in recent 7 | years. CTX fills the void as a generic defense that completely mitigates such 8 | attacks. Our aim is to create a production-level solution that enables web 9 | services' administrators to strengthen web applications. It runs at the 10 | application layer, is opt-in, and does not require modifications to web 11 | standards or the underlying web server. 12 | 13 | This document describes the architectural design of CTX implementations. It is 14 | a recommended reading if you plan to contribute to CTX or implement it in new 15 | web applications. 16 | 17 | # Overview 18 | 19 | CTX depends on separating secrets based on origin. In this case, *origin* is 20 | used to describe the party that generated each secret, either being web 21 | application or user generated content. (Do not confuse CTX origins with origins 22 | of same-origin policy.) For any two secrets A and B annotated with the same 23 | origin, it must hold true that the party able to change A would not violate the 24 | application privacy contract by knowing B. 25 | 26 | CTX is used to protect secrets in HTML and other content-type responses of web 27 | applications as they travel on the network. The developer must decide which 28 | portions of the response are sensitive and must be protected as secrets. 29 | Sensitive data does not only include high-value secrets such as passwords and 30 | CSRF tokens, but also user data that the developer wishes to keep private as 31 | well as reflected data. For more information see [unexpected 32 | secrets](https://ruptureit.com/blog/2016/07/27/unexpected-secrets-and-reflections/). 33 | 34 | CTX protects only HTTPS responses, not HTTPS requests. Due to mitigations of 35 | the CRIME attack, compression in HTTPS requests is always disabled, and hence 36 | no protection against compression side-channel attacks is required. 37 | 38 | A pseudo-random permutation of the secret alphabet is generated per origin. In 39 | the CTX case, the secret alphabet can be the alphabet of ASCII bytes (0 - 128). 40 | Protected secrets are then permuted using the generated permutation prior to 41 | transmission on the network by the server. Upon arrival on the client side, the 42 | inverse permutation is applied to decode the secret. The same permutation is 43 | applied to all secrets of the same origin. This is similar to a substitution 44 | cipher. Note that the permuted text is always subsequently encrypted using 45 | strong symmetric crypto such as AES over TLS. 46 | 47 | The usage of origins on the response plaintext is the developer's 48 | responsibility, the minimum being one origin for the entire response, in which 49 | case CTX is not protecting any part of the plaintext, and the maximum being one 50 | origin per character. The latter would result in the best possible security 51 | under CTX, although compression would be effectively disabled possibly 52 | resulting in poor performance. This is the case with defenses such as [secret 53 | masking](https://www.facebook.com/notes/protect-the-graph/preventing-a-breach-attack/1455331811373632/). 54 | 55 | # Structure 56 | 57 | The HTML response plaintext consists of a plain HTML structure along with 58 | CTX-transformed parts. Each CTX part is annotated using an HTML *div* tag 59 | structured as: 60 | 61 | ```html 62 |
xyx
63 | ``` 64 | 65 | where *i* is an integer. 66 | 67 | Separately in the same response, JSON will be included like: 68 | 69 | ```json 70 | [ 71 | 'abc', 72 | 'cab', 73 | 'bac', 74 | ... 75 | ] 76 | ``` 77 | 78 | 'abc', 'cab', 'bac' are the permutations used to permute secrets of origin 0, 79 | 1, and 2 respectively. 'xyx' is the permuted data after applying permutation 80 | for origin *i*. 81 | 82 | In the inverse transformation, the client will calculate the secrets for all 83 | permuted data and replace each instance of *data-ctx-origin* *divs* with the 84 | plaintext that is generated using the inverse i-th permutation in the JSON. 85 | 86 | The JSON is included in a `` tag at the HTML ``. 88 | 89 | # Python 90 | 91 | The basic CTX functionality is implemented in the *ctx-defense* package. This 92 | package defines the *app.py* and the *permuters.py* libraries. The 93 | first defines the CTX class which is responsible for generating and 94 | maintaining the permutations and applying them on secrets. The second defines 95 | the permuter classes for different types of alphabets. As of this point, one 96 | permuter for the ASCII printable alphabet exists. 97 | 98 | In order to generate the permutations, the CTX class uses the 99 | [random.shuffle](https://docs.python.org/2/library/random.html#random.shuffle) 100 | function. This function uses the Fisher-Yates shuffle which is proven to be a 101 | perfect shuffle given a good random number generator. 102 | 103 | The CTX class provides the following API. 104 | 105 | ## API 106 | 107 | ### available_permuters 108 | 109 | A dictionary that defines the available permuters. The keys are strings that 110 | identify the secret alphabet. The values are classes that implement the permuter 111 | interface defined below. 112 | 113 | ### protect 114 | 115 | Apply CTX on a specific secret. 116 | 117 | Arguments: 118 | 119 | - secret: A string of the plaintext secret. 120 | - origin: (Optional) A string defining uniquely the CTX origin for the secret. 121 | If no origin is specified, a random origin with an id string of 10 lowercase 122 | letters will be generated for this secret. 123 | - secret_alphabet: (Optional) A string that identifies the alphabet of the 124 | secret. Must be in *available_permuters* keys. Default value is 125 | "ASCII_printable". 126 | 127 | Applies the permutation that was generated for the *origin* on the *secret*. The 128 | permutation is set the first time *protect* is called per origin. It is up to 129 | the developer to define different origins in case multiple alphabets need to be 130 | used. 131 | 132 | Returns a dictionary with the following values: 133 | 134 | - *origin_id*: an integer corresponding to the origin parameter. 135 | - *permuted*: the permuted data using the permutation generated for the given 136 | origin. 137 | 138 | ### get_permutations 139 | 140 | Get all generated permutations. 141 | 142 | Returns an array of strings. The i-th string in the array is the permutation for 143 | the origin with origin_id=i. 144 | 145 | ## Permuters 146 | 147 | Permuters are classes that implement the permutation functionality 148 | for different secret alphabets. All permuters must implement the following 149 | interface: 150 | 151 | ### get_permutation 152 | 153 | Returns a string containing the generated permutation for the alphabet. This 154 | string defines a correlation of the plain alphabet and the permutation alphabet, 155 | i.e. the first character of the permutation is used to replace the occurencies 156 | of the first character of the plain alphabet in the secret etc. 157 | 158 | ### permute 159 | 160 | Applies the generated permutation on each character and returns the permuted data. 161 | 162 | Arguments: 163 | 164 | - secret: A string of the plaintext secret. 165 | 166 | ## Implemented permuters 167 | 168 | - ASCII_printable: A permuter for the alphabet consisting of printable ASCII 169 | characters, as defined in 170 | [string.printable](https://docs.python.org/2/library/string.html#string.printable). 171 | 172 | # Django implementation 173 | 174 | We provide an implementation for Django. 175 | 176 | When using Django templating, use `ctx_protect` with an appropriate origin 177 | parameter to protect your secret: 178 | 179 | ```html 180 | {% ctx_protect "a secret", "an origin" %} 181 | ``` 182 | 183 | For more information on the Django CTX, visit the [django-ctx 184 | repository](https://github.com/dimkarakostas/ctx/tree/master/etc/python/django-ctx). 185 | 186 | # Flask implementation 187 | 188 | We provide an implementation for Flask. 189 | 190 | Use the `ctx_protect` function in your templates to protect a secret from a 191 | specific origin. 192 | 193 | ```html 194 | {{ ctx_protect("a secret", "an origin") }} 195 | ``` 196 | 197 | For more information on the Flask CTX, visit the [flask-ctx 198 | repository](https://github.com/dimkarakostas/ctx/tree/master/etc/python/flask-ctx). 199 | 200 | # node.js 201 | 202 | We provide an implementation for node.js frameworks. The basic CTX 203 | implementation is in *ctx-defense.js* in the [ctx-defense 204 | folder](https://github.com/dimkarakostas/ctx/tree/master/nodejs/ctx-defense). 205 | 206 | CTX defense can be used in many nodejs frameworks. It has been tested for 207 | Express/express-handlebars, Express/pug, Express/EJS and Koa.js/koa-pug. 208 | For more information on the nodejs-ctx-defense and its basic usage in the above 209 | frameworks/templates visit the [nodejs-ctx-defense 210 | folder](https://github.com/dimkarakostas/ctx/tree/master/nodejs/nodejs-ctx-defense). 211 | 212 | # Client implementation 213 | 214 | The client logic is implemented in ctx.js. It applies the inverse 215 | transformations onload. 216 | -------------------------------------------------------------------------------- /etc/Black Hat Europe 2016/BH-eu2016-CTX.tex: -------------------------------------------------------------------------------- 1 | \documentclass[a4paper, 11 pt, conference]{article} % Comment this line out if you need a4paper 2 | 3 | % The following packages can be found on http:\\www.ctan.org 4 | \usepackage{graphics} % for pdf, bitmapped graphics files 5 | \usepackage{url} 6 | \usepackage{listings} 7 | 8 | \title{\textbf{CTX: Eliminating BREACH with Context Hiding}} 9 | 10 | \author{ 11 | Dimitris Karakostas\footnotemark[1]\\ 12 | University of Athens\\ 13 | dimit.karakostas@gmail.com\\ 14 | \and 15 | Aggelos Kiayias\footnotemark[1]\\ 16 | University of Edinburgh\\ 17 | akiayias@inf.ed.ac.uk\\ 18 | \and 19 | Eva Sarafianou\footnotemark[1]\\ 20 | University of Athens\\ 21 | eva.sarafianou@gmail.com\\ 22 | \and 23 | Dionysis Zindros\thanks{Research supported by ERC project CODAMODA, project \#259152.}\\ 24 | University of Athens\\ 25 | dionyziz@di.uoa.gr\\ 26 | } 27 | 28 | \date{} 29 | \pagenumbering{arabic} 30 | 31 | \begin{document} 32 | 33 | \maketitle 34 | \thispagestyle{plain} 35 | \pagestyle{plain} 36 | 37 | \begin{abstract} 38 | 39 | The BREACH attack presented at Black Hat USA 2013 has still not been mitigated, 40 | even in the latest versions of TLS, despite the new developments and 41 | optimizations presented at Black Hat Asia 2016. BREACH and similar attacks pose 42 | a threat against all practical web applications which use compression together 43 | with encryption. We present a generic defense method which eliminates problems 44 | that arise from compression detectability features of existing protocols. We 45 | introduce CTX, Context Transformation Extension, a cryptographic method which 46 | defends against BREACH, CRIME, TIME, and any compression side-channel attack in 47 | general. CTX operates at the application layer and uses context hiding in a 48 | per-origin manner to separate secrets from different origins in order to avoid 49 | cross-compressibility. 50 | 51 | \end{abstract} 52 | 53 | \section{Introduction} 54 | In 2012 CRIME~\cite{c1} showed for the first time that side-channel compression 55 | attacks can be successful against TLS. CRIME targeted HTTPS requests and has 56 | since been mitigated by disabling compression at the TLS level~\cite{c2}. 57 | 58 | In 2013 TIME~\cite{c3} and BREACH~\cite{c4} introduced an attack vector that exploited 59 | compression on HTTP responses to compromise TLS. This vector takes advantage of the 60 | characteristics of the DEFLATE algorithm~\cite{c5}, the basis of most 61 | compression applications, in order to steal secrets from applications using 62 | stream ciphers. 63 | 64 | In 2015 RC4 is considered insecure~\cite{c6} which forces most websites to use 65 | AES block ciphers. Services like Facebook also tried to prevent BREACH~\cite{c7} 66 | using secret masking, although this method protected CSRF tokens only and the 67 | fundamental aspects of BREACH were still not mitigated. 68 | 69 | In 2016, both Rupture~\cite{c8} and HEIST~\cite{c9} introduced new threats 70 | regarding compression side-channel attacks. Rupture showed that BREACH can 71 | evolve to attack major web applications and steal secrets that were not 72 | previously considered as targets of BREACH. It also incorporated statistical 73 | methods to bypass noise induced from block ciphers or random data included in the response plaintext. 74 | 75 | HEIST demonstrated that compression-based attacks, such as CRIME and BREACH, can 76 | be performed solely in the browser by a malicious website or script. It does not 77 | require Man-in-the-Middle agents since it abuses the way responses are sent at the TCP level. 78 | 79 | These attack techniques, which pose an imminent threat to online security and privacy, have still not been mitigated. 80 | 81 | Our work introduces a generic defense method which disqualifies compression 82 | detectability features of existing protocols. CTX is a cryptographic method 83 | which defends against any compression side-channel attack. It prevents 84 | cross-compressibility by separating the secrets from different origins and using 85 | context hiding in a per-origin manner. 86 | 87 | The existing suggested defense for BREACH~\cite{c10} includes disabling 88 | compression or completely bypassing compression, which results in significant 89 | performance penalties. On the other hand, there has not been proposed a solution 90 | that keeps compression intact and solves the security issues. It is not known if 91 | such a solution is even possible. Our method lies between the two options 92 | regarding compression usage. We achieve a good balance by slightly reducing 93 | compression size and time performance while achieving full security. 94 | 95 | We release an open source implementation of CTX in popular web frameworks both 96 | for client-side and server-side web applications. Our implementation runs at the 97 | application layer, is opt-in, and does not require modifications to web 98 | standards or the underlying web server. 99 | 100 | We conclude that if secrets are separated by origin at the application level using the CTX defense, compression side-channel attacks are mitigated. 101 | 102 | \section{Theoretical analysis} 103 | 104 | \subsection{CTX architecture} 105 | 106 | CTX depends on separating secrets based on origin. Origin is used to describe 107 | the party that generated the secret. The origin can be either the web 108 | application or a user. A CTX origin should not be confused with origins of 109 | same-origin policy~\cite{c11}, which is a completely different notion. Thus, for any secrets A and B generated from the same origin, whoever is able to change the secret A can also know the secret B with no violation of the application privacy contract. 110 | 111 | CTX is used to protect HTML and other content-type responses of web applications as they travel on the network. It protects only HTTPS responses, not HTTPS requests. The mitigation of the CRIME attack resulted in compressionless HTTPS requests and hence no protection against compression side-channel attacks is required. 112 | 113 | It is up to the application developer to decide which portions of the response 114 | are sensitive and must be protected as secrets. Sensitive data does not only 115 | include high-value secrets such as passwords and CSRF tokens, but also user data 116 | that the developer wishes to keep private. Some examples are the bodies of email 117 | messages in Gmail, the chat messages received or sent to a friend on Facebook, 118 | the contents of documents and spreadsheets in Google Docs and the list of online 119 | friends on Facebook or Google Hangouts, as they contain all the important 120 | contacts of the victim. Practically any piece of information which is only 121 | accessible when logged in is potentially a secret and should be CTX 122 | protected. 123 | 124 | The developer should also separate the HTML plaintext into contexts. Each context contains portions of the plaintext. Some of these contexts do not typically need compression-security protection, e.g. static HTML portions that are accessible on a website even when logged out. However, sensitive data, as mentioned above, require compression-security protection. 125 | 126 | The minimum amount of origins is one origin for the entire response, in which case CTX is not protecting any part of the plaintext, and the maximum is one origin per character. The latter would result in the best possible security under CTX, although compression would be effectively disabled possibly resulting in poor performance. This is the case with defenses such as secret masking. 127 | 128 | The portions of the plaintext within contexts of different origin are then 129 | forced to compress separately, i.e. not cross-compress. However, compression is 130 | achieved within each context. In order to acomplish this, CTX generates a 131 | pseudo-random permutation of the secret alphabet for each origin. The secret 132 | alphabet is by default the alphabet of ASCII bytes (0 - 128). In order to 133 | randomly permute the secret alphabet, we use the Fisher--Yates shuffle 134 | algorithm~\cite{c12}. This algorithm puts all the elements into a 135 | hat and continually determines the next element by randomly drawing an element 136 | from the hat until no elements remain. The Fisher--Yates shuffle algorithm 137 | produces an unbiased permutation meaning that every permutation is equally 138 | probable. 139 | 140 | Secrets are then permuted by the server using the generated permutation of the 141 | corresponding origin prior to TLS encryption and network transmission. Upon 142 | arrival on the client side, the inverse permutation is applied to decode the 143 | secret. The same permutation is applied to all secrets of the same origin. That 144 | way, better compression is achieved intra-origin. 145 | 146 | Each time the server issues an HTTPS response, new per-origin permutations are 147 | generated. The power of the BREACH attack lies to the assumption that we can perform 148 | multiple requests to the target website while the transmitted secret remains the same. Since new alphabet permutations are generated per HTTPS response, the statistical analysis performed by Rupture is no longer feasible. 149 | 150 | \subsection{A detailed example} 151 | 152 | Each time CTX protects a secret, three parameters need be defined: the secret, 153 | the origin, and the permutation alphabet. In our example we will use the 154 | permutation alphabet of ASCII printable characters, which consist of ASCII codes 155 | 9-13 and 32-126. 156 | 157 | The first secret that needs to be protected is the string "secret1" which is 158 | generated by the origin "testsorigin1". In order to protect this secret, CTX 159 | will generate a random permutation of ASCII printable characters. Each character 160 | in the permutation corresponds to a single ASCII printable character, so that 161 | the first character in the permutation corresponds to ASCII 9 and the last to 162 | ASCII 126. CTX will then apply the permutation on the secret. Suppose that the 163 | correspondence of printable-permutation characters is: 164 | 165 | \begin{description} 166 | \item{$\cdot$ s} $\rightarrow$ 0 167 | \item{$\cdot$ e} $\rightarrow$ f 168 | \item{$\cdot$ c} $\rightarrow$ ) 169 | \item{$\cdot$ r} $\rightarrow$ 4 170 | \item{$\cdot$ t} $\rightarrow$ * 171 | \item{$\cdot$ 1} $\rightarrow$ l 172 | \item (...) 173 | \end{description} 174 | 175 | The permuted secret will then be "0f)40*l". 176 | 177 | A second secret is the string "secret2" from origin "testorigin2". Following the 178 | same procedure, CTX will generate a permutation which is described as follows: 179 | 180 | \begin{description} 181 | \item{$\cdot$ s} $\rightarrow$ t 182 | \item{$\cdot$ e} $\rightarrow$ 9 183 | \item{$\cdot$ c} $\rightarrow$ ( 184 | \item{$\cdot$ r} $\rightarrow$ l 185 | \item{$\cdot$ t} $\rightarrow$ j 186 | \item{$\cdot$ 2} $\rightarrow$ 2 187 | \item (...) 188 | \end{description} 189 | 190 | The second permuted secret will then be "t9(l9j2". 191 | 192 | Permutations are randomly generated per origin, so the two permutations for 193 | "testorigin1" and "testorigin2" are not dependent and each is needed in order to 194 | reverse permute the corresponding secret. 195 | 196 | \section{Implementation} 197 | 198 | Our open source implementation of CTX can be used on popular web frameworks for both client-side and server-side web applications. 199 | 200 | \subsection{Server-side} 201 | 202 | \subsubsection{CTX protected HTML response} 203 | The HTML response plaintext consists of a plain HTML structure along with CTX-transformed parts. Each CTX part is annotated using an HTML div tag structured as: 204 | \lstinline{
xyx
} 205 | where \textit{i} is an integer origin ID and \textit{xyx} the permuted secret after applying permutation for origin i. 206 | 207 | Separately in the same response, a JSON will be included. 208 | 209 | \begin{lstlisting} 210 | [ 211 | 'abc', 212 | 'cab', 213 | 'bac', 214 | ... 215 | ] 216 | \end{lstlisting} 217 | 218 | where \textit{'abc'}, \textit{'cab'}, \textit{'bac'} are the permutations used to permute secrets of origin 0, 1, and 2 respectively. The JSON is included in a 219 | \begin{lstlisting}[language=HTML] 220 | 224 | \end{lstlisting} tag in the HTML body. 225 | 226 | \subsubsection{Developer's actions} 227 | We have implemented the server-side CTX defense for the Django~\cite{c13}, 228 | Flask~\cite{c14}, and Node.js~\cite{c15} web frameworks. 229 | 230 | A developer should install the CTX package for the corresponding framework in 231 | order to use CTX defense. For example, the developer of a Django project should 232 | add django-ctx to the installed apps, add the ctx processor to the 233 | context\_processors setting and use \lstinline|{% load ctx_tags %}| to load the ctx tag library in the template. 234 | 235 | In order to protect secrets, they should protect them with the ctx\_protect tag \lstinline|{% ctx_protect secret origin alphabet %}|. The origin and alphabet parameters are optional. If no such parameters are passed, the alphabet is the ASCII alphabet and the origin is a randomly generatered id string with 10 lowercase letters. 236 | 237 | After all \textit{ctx\_protect} tags that use an origin for the first time, the developer should include the \lstinline|{% ctx_permutations %}| tag to include the permutations used for each origin. It is proposed that it is included before the \lstinline| | HTML tag. 238 | 239 | \subsection{Client-side} 240 | On the client-side, the browser runs a Javascript library for the inverse permutation on load. It searches for the tag with id \textit{ctx-permutations} to access the JSON table with the stored per-origin permutations and performs the inverse permutation for all ctx tags. 241 | The developer should add the script \lstinline| | before the \lstinline|| tag. 242 | 243 | \subsection{Experiments} 244 | We have conducted several experiments to evaluate the performance of web 245 | services protected by CTX. The results of these experiments are overwhelmingly 246 | positive and should be taken into account when considering incorporating CTX in 247 | a web service. 248 | 249 | The CTX parameters that affect performance are basically 4: the number of 250 | origins, the total amount of plaintext response, the amount of secrets in the 251 | response, and the distribution of secrets to origins. Each parameter affects the 252 | performance differently and will be examined thoroughly in the following 253 | sections. 254 | 255 | Our experiments focused on each parameter separately, so the results reflect the 256 | performace under each one independently. A combination of the parameters may 257 | result in slightly different results when used in real-world systems. 258 | 259 | In all our tests we use an HTML web page where each secret is a string of 260 | English literature. 261 | 262 | \subsubsection{Origins} 263 | The number of origins mainly affects the overhead of data in the response. The 264 | time overhead was found to be insignificant so it will not be included here. The 265 | more origins are used the bigger the response, both compressed and uncompressed, 266 | is expected to be. 267 | 268 | In our experiment, we use a 650KB page and a fixed amount of secrets, which 269 | comprise 1\% of the page, and tested the use of a number of origins in the range 270 | [0, 50]. The worst case scenario, using 50 origins, resulted in a 12\% overhead 271 | in the compressed response. In other words, the CTX-protected response is 272 | expected to be 1.12x the size of the unprotected, which is practically 273 | insignificant considering the security benefits. In comparison, disabling 274 | compression would result in 976.8\% overhead. 275 | 276 | \subsubsection{Total response} 277 | The size of the total response affects the impact of CTX on protected secrets. 278 | Time is again not an issue here and will not be described. 279 | 280 | Our experiment tests CTX's performace on web pages ranging from 13KB to 650KB. 281 | A base of comparison could be Google Inbox's main page, which is roughly 550KB. 282 | We maintain the percentage of secrets and the origins the same throughout the 283 | test to 1\% and 50 respectively. 284 | 285 | Our results show that as the response grows larger, the overhead caused by CTX 286 | is minimized. Specifically, for a typical 13KB web page, protecting 1\% of it 287 | with CTX would add a 228\% overhead. A 650KB page on the other 288 | hand would suffer an overhead of only 13\%. Disabling compression alltogether 289 | would add overhead that ranges from 500\% to 91\% for the same web pages. 290 | 291 | \subsubsection{Amount of secrets} 292 | The percentage of the web page that is protected by CTX also affects the 293 | application's performance. In this case, we consider a 650KB web page, a size 294 | representative of Facebook's home page, which is protected by CTX using 50 295 | origins. 296 | 297 | Our experiment tests the effect when 1\% up to 50\% of the web page is 298 | protected. Results show that the bigger the protected part is, the bigger the effect 299 | of CTX on performance will be. Specifically, protecting 1\% of such a web page 300 | would result in a 5\% size overhead, whereas protecting 50\% of it would result 301 | in a 35\% overhead. 302 | 303 | This is also the only test that demonstrated a time overhead. Specifically, the 304 | 1\% case introduces a 1ms overhead, while the 50\% case adds 45ms of server-side 305 | work. 306 | 307 | However, it should be noted that our tests are very strict. A typical website 308 | response consists mainly of HTML code or libraries that usually need not be 309 | protected. In this case, the amount of secrets in the response would not exceed 310 | 1\% of the total response, in which case the CTX overhead as shown by our 311 | experiments is totally acceptable. For example, Facebook and Gmail typically 312 | only need protect approximately 0.5\% of the response. 313 | 314 | In comparison, disabling compression would again result in 976.8\% load overhead 315 | and a network transmittion time overhead that, depending on the client's and the 316 | server's network, may be up to seconds. 317 | 318 | \section{Related Work} 319 | 320 | Our work is based on both the idea of disabling compression, a successful 321 | security mechanism against all compression attacks, as well as the idea of 322 | masking secrets, also a perfectly successful security mechanism, employed by 323 | Facebook and others. However, these two previous defense ideas lack in 324 | compression performance, which we improve on and provide a balance between 325 | security and performance. Our implementation is inspired by the authors of the original BREACH paper who wrote in the defenses section "One approach that completely solves the problem is to put user input in a completely different compression context than that of application secrets. Depending on the nature of the application and its implementation, this may be very tedious and highly impractical." This was a good idea, which was not elaborated further by Prado etc. 326 | 327 | SafeDeflate~\cite{c16}, published in 2016, is also a proposal to prevent BREACH 328 | and CRIME by eliminating compression detectability. It is a modification of the 329 | standard Deflate algorithm in which compression ratio does not leak information 330 | about secret tokens. However, the size for the dataset compressed when using 331 | SafeDeflate is 200\%-400\% times larger than the size of the compressed dataset if the 332 | standard Deflate algorithm is used. Our implementation increases the size by only 5\% of the non-CTX protected size. 333 | 334 | \section{Future Work} 335 | CTX defense is the natural conclusion of BREACH, TIME, Rupture, and any 336 | compression side-channel attack, since it combines security with 337 | compressibility. CTX should be implemented for other web frameworks, such as 338 | Ruby on Rails and Lavarel, and can be extended for other encoding standards, 339 | such as UTF-8. CTX can also be implemented for web frameworks which build API 340 | services and return other data formats like JSON. This way the data served from 341 | the database to the user will be transmitted over the network in a secure way. 342 | 343 | \begin{thebibliography}{13} 344 | 345 | \bibitem{c1} J. Rizzo, T. Duong: The CRIME attack, Ekoparty, 2012 346 | \bibitem{c2} D. Goodin, Crack in Internet’s foundation of trust allows HTTPS session hijacking, Ars Technica, 2012 347 | \bibitem{c3} Be’ery, Tal, and Amichai Shulman. "A perfect CRIME? Only TIME will 348 | tell." Black Hat Europe 2013 (2013). 349 | \bibitem{c4} Y. Gluck, N. Harris, A. Prado, BREACH: Reviving the CRIME attack, Black Hat USA, 2013 350 | \bibitem{c5} P. Deutsch, DEFLATE Compressed Data Format Specification, RFC 1951, 1996 351 | \bibitem{c6} A.Popov, Prohibiting RC4 Cipher Suites, RFC 7465, 2015 352 | \bibitem{c7} Chad Parry, Christophe Van Gysel, Preventing a “BREACH” Attack, 2014 353 | \bibitem{c8} D.Karakostas, D.Zindros: Practical New Developments in the BREACH Attack, Black Hat Asia, 2016 354 | \bibitem{c9} M. Vanhoef, Tom Van Goethem: HEIST: HTTP Encrypted Information can be 220 Stolen through TCP-windows, Black Hat USA 2016 355 | \bibitem{c10} Jacob Kaplan-Moss, Security advisory: BREACH and Django, 2013 356 | \bibitem{c11} A. Barth, The Web Origin Concept, RFC6454, 2011 357 | \bibitem{c12} R. Fisher, F. Yates: Statistical tables for biological, 358 | agricultural and medical research, 1938 359 | \bibitem{c13} [online] URL: \url{https://www.djangoproject.com/} [cited November 2106] 360 | \bibitem{c14} [online] URL: \url{http://flask.pocoo.org/} [cited November 2106] 361 | \bibitem{c15} [online] URL: \url{https://nodejs.org/en/} [cited November 2106] 362 | \bibitem{c16} M. Zielinski, SafeDeflate: compression without leaking secrets, 363 | 2016 364 | 365 | \end{thebibliography} 366 | 367 | \end{document} 368 | --------------------------------------------------------------------------------