YoVDO

DBREACH - Database Reconnaissance and Exfiltration via Adaptive Compression Heuristics

Offered By: Black Hat via YouTube

Tags

Black Hat Courses, Encryption Courses, Database Security Courses, Compression Algorithms Courses

Course Description

Overview

Explore a groundbreaking presentation on database security vulnerabilities in this 36-minute Black Hat conference talk. Delve into the world of compression side-channel attacks on real-world databases, focusing on the DBREACH (Database Reconnaissance and Exfiltration via Adaptive Compression Heuristics) technique. Learn how attackers can potentially extract encrypted content inserted by other users, exploiting the dangerous combination of encryption and compression in large databases. Discover the intricacies of InnoDB page compression, supported compression algorithms, and the threat model behind these attacks. Gain insights into the attack algorithm, compressibility scores, and character-by-character extraction methods. Explore challenges such as the substring/superstring problem and techniques for overcoming noise in the side channel. Examine the efficiency, speed, and accuracy of the attack, as well as its potential impact on other systems. Conclude with a discussion on prevention strategies and patching vulnerabilities to enhance database security.

Syllabus

Intro
Roadmap
Encryption Security
CRIME BREACH
MariaDB/InnoDB Encryption and Compression
InnoDB Page Compression
Supported Compression Algorithms
Threat Model
Attack Algorithm
Compressibility Scores
Decision Attack: Is a guess in the table?
Character-by-Character Extraction
Substring/Superstring Problem
Addressing the Superstring Problem
Overcoming Noise in the Side Channel
Maximizing Efficiency
Efficiency & Speed
Accuracy
Vulnerability of Other Systems
Prevention
Patching the Vulnerability


Taught by

Black Hat

Related Courses

Operating System and Virtualization Security
Peking University via Coursera
Intro to Relational Databases
Udacity
SQL Server Database Technology
Xi'an Jiaotong University via Coursera
Provisioning Databases in Azure and SQL Server
Microsoft via edX
Databases in Azure
Microsoft via edX