Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Fox-IT releases answer to NSA's 'Quantum Insert' attack

Maria Korolov | April 27, 2015
A couple of years ago, among the trove of documents released by Edward Snowden, there was information about a "man-on-the-side" attack called Quantum Insert.

"You insert a packet with the same identification," said Bijl. "There's no way to distinguish it from the real answer as far as the browser is concerned."

Bijl added that communications also have to be in the clear. Encrypted traffic is safe.

And content delivery networks can improve the delivery speeds of legitimate content to the point where it's difficult for the Quantum Insert packet to get to the victim first.

How to detect a Quantum Insert attack

According to Fox-IT, spotting a Quantum Insert attack involves looking for duplicate HTTP response packets that are carrying different contents.

Depending on whether the attacker or the real website won the race to the victim, either the first or the second of the duplicate packets will be the fake one.

Fox-IT has published the code for detecting Quantum Insert and released it on github.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.