Debreach is a compression side-channel attack on a real-world database system that allows an attacker to extract encrypted content inserted by another user. The attack exploits the combination of encryption and compression commonly used in databases, which can leak the underlying plaintext information.
- Compression side-channel attacks can reveal information about encrypted messages, because the length of a compressed message depends on its contents
- Debreach is the first compression side-channel attack on a real-world database system
- The attack exploits the combination of encryption and compression commonly used in databases
- Possible mitigations include turning off compression, monitoring database usage for unusual activity patterns, and compressing only within rows inserted by the same user and user group
In Debreach, the attackers were able to extract encrypted content inserted by another user by using a compression side-channel. They extended the techniques used in the CRIME and BREACH attacks beyond the web security context and into the database context. Because the data is compressed, its length is revealed, and from that length they could learn something about the message contents, which allowed them to extract sensitive information. This highlights the danger of combining encryption and compression in databases and the need for effective mitigations.
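The following is an added illustration, not code from the Debreach work. It shows why a shared compression context makes the stored size depend on another user's data, and why the mitigation of compressing only within one user's rows removes that dependency. It assumes zlib as a stand-in compressor and length-preserving encryption. The row layout, owner names and token values are constructed.

```python
import zlib

# Constructed sample values; rows, owners and tokens are hypothetical.
SECRET_A = b"Zq7mK2xWvP9d"
SECRET_B = b"Xh4nT8bRcL1s"


def victim_row(secret: bytes) -> bytes:
    return b"owner=alice;api_token=" + secret + b";"


def other_row(probe: bytes) -> bytes:
    # Row written by a different user, who chooses its content.
    return b"owner=mallory;note=api_token=" + probe + b";"


def size_shared(secret: bytes, probe: bytes) -> int:
    """Both users' rows share one compression context.
    Encryption is assumed length-preserving, so this is the observable size."""
    return len(zlib.compress(victim_row(secret) + other_row(probe)))


def size_per_owner(secret: bytes, probe: bytes) -> int:
    """Mitigation: each owner's rows get their own compression context,
    so no back-reference can span two users' data."""
    return (len(zlib.compress(victim_row(secret)))
            + len(zlib.compress(other_row(probe))))


def probe_gap(size_fn, secret: bytes) -> int:
    """Observable size with probe A minus size with probe B,
    for a given stored secret."""
    return size_fn(secret, SECRET_A) - size_fn(secret, SECRET_B)


if __name__ == "__main__":
    for name, fn in (("shared", size_shared), ("per-owner", size_per_owner)):
        # Shared: the sign of the gap follows the stored secret.
        # Per-owner: the gap is identical whatever the stored secret is.
        print(name, probe_gap(fn, SECRET_A), probe_gap(fn, SECRET_B))
```

In the shared case the size gap changes sign with the stored secret, which is the signal a monitor would see exercised as many near-identical inserts. In the per-owner case the gap is a function of the second user's own data only.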