The Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext (BREACH)
attack is a compression side-channel attack that targets information in HTTP responses
that are compressed using HTTP compression.
HTTP compression is normally performed with the Deflate algorithm, a data compression
algorithm that combines Huffman coding and LZ77 compression. When data is compressed with
this algorithm, any repeated byte sequence in the input is detected and is not repeated in the
output. Instead, the repeated byte sequence is stored only once, along with pointers
(back-references) to each place where the same sequence occurs again.
The size of the compressed output therefore depends on how much the input repeats itself.
Encryption hides the content of the compressed data but not its length, which remains visible
on the wire, and this is one of the fundamental elements that makes the BREACH attack possible.
Furthermore, for an application to be vulnerable to the BREACH attack it must be served from a
server using HTTP compression, and it must also reflect user input and include a secret, such as
an anti-Cross-Site Request Forgery (anti-CSRF) token, in the same HTTP response body. An attacker
exploiting BREACH would need to be able to observe the victim's traffic and also have a way to
make the victim send HTTP requests to the vulnerable server, which could be done by persuading
the victim to visit a malicious site controlled by the attacker. This site would be crafted so
that it does not arouse suspicion on the victim's end.
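The following is an added example, not code from the original post, that a defender can use to check whether a response of this shape leaks through its compressed length, and to show the standard per-response token masking countermeasure (the approach used by frameworks such as Django and Rails for their CSRF tokens). The page template, the secret token, the control input and the function names (`render_page`, `compressed_length`, `length_gap`, `mask_token`, `unmask_token`) are all constructed for this example.

```python
import os
import zlib
from typing import Optional

# Constructed sample secret: a 32-hex-char anti-CSRF token (not a real token).
SECRET_TOKEN = "4f1c9a7e2b8d6053e9c4a1f7b2d8e605"

# Constructed control input of the same length that shares no long
# substring with the token or the page, so it cannot produce an LZ77 match.
CONTROL_INPUT = "ABCDEFGHIJKLMNOPQRSTUVWXYZ012345"


def render_page(token_field: str, user_input: str) -> bytes:
    """Constructed HTML response that reflects user input and embeds a
    secret in the same body, the precondition described in the text."""
    html = (
        "<html><body>"
        "<p>Search results for: " + user_input + "</p>"
        "<form><input type='hidden' name='csrf' value='" + token_field + "'>"
        "</form></body></html>"
    )
    return html.encode()


def compressed_length(body: bytes) -> int:
    """Size of the Deflate-compressed body: what an observer of the
    encrypted stream can still measure (TLS hides content, not length)."""
    return len(zlib.compress(body, 9))


def length_gap(token_field: str, candidate: str, control: str) -> int:
    """Bytes saved on the wire when the reflected input equals `candidate`
    instead of `control`. A positive gap means the compressed length is
    correlated with the reflected input, i.e. the response leaks."""
    with_control = compressed_length(render_page(token_field, control))
    with_candidate = compressed_length(render_page(token_field, candidate))
    return with_control - with_candidate


def mask_token(token: str, mask: Optional[bytes] = None) -> str:
    """Per-response masking: emit hex(mask || mask XOR token) with a fresh
    random mask, so the token bytes never appear literally in the body and
    differ on every response. `mask` may be fixed for deterministic tests."""
    raw = token.encode()
    if mask is None:
        mask = os.urandom(len(raw))
    if len(mask) != len(raw):
        raise ValueError("mask must be as long as the token")
    xored = bytes(a ^ b for a, b in zip(raw, mask))
    return (mask + xored).hex()


def unmask_token(masked: str) -> str:
    """Server-side inverse of mask_token: recover the original token so it
    can be compared against the session's stored value."""
    data = bytes.fromhex(masked)
    half = len(data) // 2
    mask, xored = data[:half], data[half:]
    return bytes(a ^ b for a, b in zip(mask, xored)).decode()


if __name__ == "__main__":
    # Unmasked token: a reflected input equal to the token compresses away.
    print("gap, plain token:", length_gap(SECRET_TOKEN, SECRET_TOKEN, CONTROL_INPUT))
    # Masked token: the literal token is no longer in the body to match against.
    masked = mask_token(SECRET_TOKEN)
    print("gap, masked token:", length_gap(masked, SECRET_TOKEN, CONTROL_INPUT))
    print("round trip ok:", unmask_token(masked) == SECRET_TOKEN)
```

Run it as a script to see the two gaps side by side. Masking does not change the compressed length itself; it removes the correlation between the length and the secret, because the bytes in the body are different on every response. Disabling compression for responses that carry secrets, or separating secrets from reflected input into different responses, are the other mitigations implied by the preconditions above.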
