[Top] [All Lists]

Re: [ietf-smtp] [Shutup] Compressing SMTP streams

2016-02-06 10:43:08

On 06 Feb 2016, at 12:32, Martijn Grooten 
<martijn(_at_)lapsedordinary(_dot_)net> wrote:

On Sat, Feb 06, 2016 at 11:15:54AM +0100, Aaron Zauner wrote:
Do you guys have any numbers on this? I.e. what the advantage and
compression ratio for your average mail traffic will be? I suspect
compression is helpful in SMTP but it may also introduce
vulnerabilities in combination with TLS. CRIME wasn't the only attack
on compression, there's also been application layer specific attacks
BREACH for example ( A team is currently working on
improving these attacks in application layer protocols, circumvent
counter-measures in clients et cetera (from a talk at
RealWorldCrypto2016 -

I think it's fair to say (as others have done already) that none of
these attacks work against SMTP as they all require the attacker to
force the client to make specific requests to the target.

Well, yes. You just can't do JavaScript via SMTP (yet) :)

But these attacks also show that compression and encryption don't go
well together. And crypto is hard and provides plenty of opportunities
to mess up. For that reason, I would suggest following TLS 1.3 and not
combine the two, as it would teach people bad habits.

There aren't that many people looking into this, with renewed research efforts 
I fear that these attacks may improve significantly. The authors of mentioned 
work on improving these attacks explicitly mentioned other application layer 
protocols than HTTP(S) in the Q/A after the talk. They will also be presenting 
new attacks at upcoming conferences. As I see it - adding compression might 
reduce traffic load for some providers but at the same time may introduce new 
vulnerabilities in the future to already poorly-secured protocols like SMTP.


Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

ietf-smtp mailing list