Bug 64434 - Implement TLS 1.3 random record padding to mitigate BREACH
Summary: Implement TLS 1.3 random record padding to mitigate BREACH
Status: NEW
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_ssl
Version: 2.5-HEAD
Hardware: PC Linux
Importance: P2 normal
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Reported: 2020-05-14 00:52 UTC by Craig
Modified: 2020-05-14 00:59 UTC
Description Craig 2020-05-14 00:52:38 UTC
The TLS specification (RFC 8446) section 5.4 defines optional Record Padding: https://tools.ietf.org/html/rfc8446#section-5.4

As a security improvement, I suggest that httpd implement random record padding.

Random record padding would mitigate the BREACH attack (and other similar vulnerabilities).

In OpenSSL, this is done using SSL_CTX_set_record_padding_callback: https://www.openssl.org/docs/man1.1.1/man3/SSL_set_block_padding.html
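An added example, not code from this report or from httpd/mod_ssl: a padding policy with the signature OpenSSL's SSL_CTX_set_record_padding_callback() expects, drawing a random padding length per record from /dev/urandom and capping it so the record stays under the RFC 8446 ceiling. The USE_OPENSSL build flag, struct pad_policy, csprng_bytes and enable_random_padding are names assumed here.

```c
/* Added example (not httpd/mod_ssl code): a random-padding policy with the
 * signature OpenSSL's SSL_CTX_set_record_padding_callback() expects. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#ifdef USE_OPENSSL               /* hypothetical build flag: -DUSE_OPENSSL -lssl -lcrypto */
#include <openssl/ssl.h>
#else
typedef struct ssl_st SSL;       /* OpenSSL's own forward typedef, so this builds stand-alone */
#endif

#define TLS13_MAX_PLAINTEXT ((size_t)1 << 14)   /* RFC 8446 5.4: content + padding <= 2^14 */
struct pad_policy {              /* hypothetical tunable, passed via the callback arg pointer */
    size_t max_pad;              /* most padding bytes to add to any one record */
};

/* Fill buf from the kernel CSPRNG; 1 on success, 0 on failure. */
static int csprng_bytes(void *buf, size_t n)
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL) return 0;
    size_t got = fread(buf, 1, n, f);
    fclose(f);
    return got == n;
}

/* Return the number of padding bytes to append to a record of len plaintext
 * bytes: uniform in [0, limit], where limit keeps the record within the TLS 1.3
 * ceiling. Modulo bias is negligible since limit is far below 2^32. */
size_t random_padding_cb(SSL *ssl, int type, size_t len, void *arg)
{
    const struct pad_policy *policy = arg;
    (void)ssl; (void)type;       /* pad every record type; handshake sizes leak too */
    if (policy == NULL) return 0;
    size_t room  = len < TLS13_MAX_PLAINTEXT ? TLS13_MAX_PLAINTEXT - len : 0;
    size_t limit = policy->max_pad < room ? policy->max_pad : room;
    if (limit == 0) return 0;
    uint32_t r;
    if (!csprng_bytes(&r, sizeof r)) return 0;   /* RNG unavailable: no padding rather than a predictable amount */
    return (size_t)(r % (limit + 1));
}

#ifdef USE_OPENSSL
/* Install the policy on a context; OpenSSL applies it to TLS 1.3 records only. */
void enable_random_padding(SSL_CTX *ctx, struct pad_policy *policy)
{
    SSL_CTX_set_record_padding_callback(ctx, random_padding_cb);
    SSL_CTX_set_record_padding_callback_arg(ctx, policy);
}
#endif
```

OpenSSL only invokes the callback for TLS 1.3 records, so TLS 1.2 connections are unaffected by installing it.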