Thanks Xuelei and Brad for your replies! https://bugs.openjdk.org/browse/JDK-8244983 mentions that random padding could be used to mitigate BREACH attack. I googled for "breach random padding", found 3 similar requests [1] [2] [3] for enhancements, none of them was implemented. Also https://www.breachattack.com/ does not list TLS record padding as a means to mitigate the attack, presumably because even with random padding the response length will be eventually revealed if the request can be repeated.
What kind of padding length customization would you like to see in the JDK? Daniel [1] https://www.drupal.org/project/seckit/issues/2737783 [2] https://bz.apache.org/bugzilla/show_bug.cgi?id=64434 [3] https://trac.nginx.org/nginx/ticket/1977 sob., 5 lis 2022 o 04:01 Bradford Wetmore <bradford.wetm...@oracle.com> napisał(a): > > > On 11/4/2022 8:58 AM, Xuelei Fan wrote: > > The padding may be also necessary to prevent from a kind of attacks, > > besides hiding the length. But I cannot recall the details. > > I have a vague recollection of that, but I was thinking it was something > pre-1.3. But I'm not seeing any special padding in the pre-TLSv1.3 > changeset: > > c7c819cd8bba9f204f23b24a0d788fda61823eb3 > > so I may be off in my recollections. > > > Here is an enhancement > > request in JBS (https://bugs.openjdk.org/browse/JDK-8244983 > > <https://bugs.openjdk.org/browse/JDK-8244983>), please feel free to > take > > it. > > Ah yes. > > Brad > >
