On 2013-08-06 12:53, Donald Stufft wrote:
> On Aug 6, 2013, at 12:16 PM, Tom Scrace <[email protected]> wrote:
>> On Tuesday, August 6, 2013 3:42:01 PM UTC+1, Jacob Kaplan-Moss
>> wrote:
>>
>> We plan to take steps to address BREACH in Django itself, but in
>> the meantime we recommend that all users of Django understand
>> this vulnerability and take action if appropriate.
>>
>> Would randomizing the CSRF token on each request be the correct
>> way to fix this in Django?
>
> This incurs the cost that every request to Django invalidates all
> existing CSRF tokens (meaning if you start filling out a form, and
> then open another form in a different tab the first form will send
> an error) OR requires you to store a separate CSRF token for each
> request and look up the submitted CSRF token in that set of stored
> tokens.
>
> There are a few possible solutions each with their own drawbacks.
> Such as secret hiding or disabling compression only for pages that
> have CSRF (or other secret output).
After going through the PDF, my understanding is that it requires the
token to be constant across all requests. One might be able to mitigate
it a bit by randomly inserting values into the CSRF token that then get
stripped back out before being checked. So the actual transmitted
value changes every time (per 3.4 in the PDF), but the server knows
how to strip the random junk back out. Something like
import random

# a set of characters known not to be in tokens created
# by the existing method
JUNK_TO_STRIP = ' \t'
JUNK_SET = frozenset(JUNK_TO_STRIP)
MAX_JUNK_PER_CHAR = 5

def random_junkify(c, junk=JUNK_TO_STRIP, count=MAX_JUNK_PER_CHAR):
    # prefix the real token character with `count` junk characters
    return ''.join(
        random.choice(junk)
        for _ in range(count)
    ) + c

def generate_token():
    # existing_token_generation() stands for Django's current
    # CSRF token generator
    token = existing_token_generation()
    return ''.join(
        random_junkify(c)
        for c in token
    )

def new_check_token(token):
    # strip the junk back out, then hand the bare token to the
    # existing check (existing_token_check() stands for Django's
    # current CSRF token comparison)
    token = ''.join(c for c in token if c not in JUNK_SET)
    return existing_token_check(token)
I'd be interested in others' thoughts on whether this might suffice
to stymie this attack.
-tkc
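As an added example (not code from this thread, and not Django's CSRF middleware), the following implements the "secret hiding" option Donald mentions: the per-session secret stays constant, so open forms in other tabs keep working, but every response carries a fresh random mask and the secret is sent only as mask||(secret + mask) character-wise modulo the alphabet size. The alphabet, the 32-character secret length and the function names are assumptions made for this example.

```python
import secrets

# Assumed alphabet and secret length; constructed for this example,
# not taken from Django's settings.
CSRF_ALLOWED_CHARS = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
CSRF_SECRET_LENGTH = 32
_N = len(CSRF_ALLOWED_CHARS)


def generate_secret(length=CSRF_SECRET_LENGTH):
    """Per-session secret: constant across requests, never sent unmasked."""
    return ''.join(secrets.choice(CSRF_ALLOWED_CHARS) for _ in range(length))


def mask_secret(secret, mask=None):
    """Return mask || masked, where masked[i] = (secret[i] + mask[i]) mod N.

    A fresh mask is drawn for every call, so the bytes that reach the
    compressor differ on every response even though `secret` does not.
    `mask` may be supplied explicitly to make the output reproducible.
    """
    if mask is None:
        mask = ''.join(secrets.choice(CSRF_ALLOWED_CHARS) for _ in range(len(secret)))
    masked = ''.join(
        CSRF_ALLOWED_CHARS[(CSRF_ALLOWED_CHARS.index(s) + CSRF_ALLOWED_CHARS.index(m)) % _N]
        for s, m in zip(secret, mask)
    )
    return mask + masked


def unmask_token(token):
    """Invert mask_secret(): split off the mask and subtract it character-wise."""
    half = len(token) // 2
    mask, masked = token[:half], token[half:]
    return ''.join(
        CSRF_ALLOWED_CHARS[(CSRF_ALLOWED_CHARS.index(c) - CSRF_ALLOWED_CHARS.index(m)) % _N]
        for c, m in zip(masked, mask)
    )


def check_token(submitted, session_secret):
    """Validate a submitted token against the session secret.

    Rejects malformed input before unmasking and compares in constant
    time so that the check itself does not leak anything about the secret.
    """
    if len(submitted) != 2 * CSRF_SECRET_LENGTH:
        return False
    if any(c not in CSRF_ALLOWED_CHARS for c in submitted):
        return False
    return secrets.compare_digest(unmask_token(submitted), session_secret)


def demo():
    """Two responses for one session: different wire tokens, both valid."""
    secret = generate_secret()
    first, second = mask_secret(secret), mask_secret(secret)
    return {
        'tokens_differ': first != second,
        'first_valid': check_token(first, secret),
        'second_valid': check_token(second, secret),
    }


if __name__ == '__main__':
    print(demo())
```

Because the mask is drawn fresh for each response, an attacker's guess no longer has a fixed byte string in the body to compress against, which is what BREACH relies on; the server still compares against the same session secret, so nothing about token lifetime changes.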
