Lucas Driscoll presents "Security and Compression", a talk on the cybersecurity risks caused by using compression, especially in a web context. Lucas reviews the basic mechanics of attacking a scheme where text is compressed and then encrypted, the attacks that have been discovered in practice, and mitigations against them.
This relates to attacks against TLS, such as Compression Ratio Info-leak Made Easy (CRIME) and BREACH (Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext). You can find more information HERE
6PM-8PM
Route 9 Library & Innovation Center, 3022 New Castle Ave ยท New Castle, DE
The meeting will be held in the library's computer lab to encourage attendee hands-on web security testing experience.