Comment by niutech on 21/09/2023 at 22:18 UTC*

1 upvotes, 1 direct replies (showing 1)

View submission: Support for gzip compression

View parent comment

While it looks like a good idea, TLS compression is prone to CRIME[1]/BREACH[2] attack.

1: https://en.wikipedia.org/wiki/CRIME

2: https://www.breachattack.com/

My proposal doesn't require changing the Gemini protocol spec, just adds a convention of appending a query param e.g. `?__gemini_encoding=gzip`, which could be ignored by the server.

Replies

Comment by AntiAmericanismBrit at 22/09/2023 at 06:48 UTC

1 upvotes, 2 direct replies

No, the BREACH and CRIME attacks are not relevant to Gemini.

CRIME requires TLS compression plus the ability to inject chosen plaintext into the victim's requests, via cross-site scripting or cookies. Gemini doesn't have scripting or cookies, therefore Gemini is not vulnerable to CRIME even if TLS compression is enabled.

And BREACH is a category of attacks that exploits HTTP responses with HTTP compression (not TLS compression), and again it relies on cookies to work. Gemini has no cookies, therefore Gemini is not vulnerable.

These attacks cannot be used to retrieve Gemini client-side certificates, which is the only login mechanism we use. So Gemini is safe from these attacks.