Re: [dhcwg] Order of options for DHCP Anonymity profile
Sten Carlsen <stenc@s-carlsen.dk> Mon, 31 August 2015 19:07 UTC
Return-Path: <stenc@s-carlsen.dk>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12AC71B4FBB for <dhcwg@ietfa.amsl.com>; Mon, 31 Aug 2015 12:07:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.59
X-Spam-Level:
X-Spam-Status: No, score=-1.59 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DK=1.009, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zMnFptQhFyMb for <dhcwg@ietfa.amsl.com>; Mon, 31 Aug 2015 12:07:43 -0700 (PDT)
Received: from mail1-hoer.fullrate.dk (mail1-hoer.fullrate.dk [90.185.2.131]) by ietfa.amsl.com (Postfix) with ESMTP id 11ED71B4CCE for <dhcwg@ietf.org>; Mon, 31 Aug 2015 12:07:38 -0700 (PDT)
Received: from mail2.s-carlsen.dk (unknown [90.184.223.34]) by mail1-hoer.fullrate.dk (Postfix) with ESMTP id 45C0DC10C2 for <dhcwg@ietf.org>; Mon, 31 Aug 2015 21:07:36 +0200 (CEST)
Received: from silver4.local (unknown [192.168.16.241]) by mail2.s-carlsen.dk (Postfix) with ESMTPA id 5A31A1C116 for <dhcwg@ietf.org>; Mon, 31 Aug 2015 21:07:34 +0200 (CEST)
To: dhcwg@ietf.org
References: <DM2PR0301MB0655D1C7800B593A3C6268A1A86C0@DM2PR0301MB0655.namprd03.prod.outlook.com> <55E34736.60609@s-carlsen.dk> <489D13FBFA9B3E41812EA89F188F018E1CC5EE54@xmb-rcd-x04.cisco.com> <55E4A374.4090102@gmail.com>
From: Sten Carlsen <stenc@s-carlsen.dk>
X-Enigmail-Draft-Status: N1110
Message-ID: <55E4A5F5.6060500@s-carlsen.dk>
Date: Mon, 31 Aug 2015 21:07:33 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <55E4A374.4090102@gmail.com>
Content-Type: multipart/alternative; boundary="------------070108010008000409050704"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/EGJb_ZKAvjlgYUa3z1wFTmoW1Ys>
Subject: Re: [dhcwg] Order of options for DHCP Anonymity profile
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Aug 2015 19:07:46 -0000
I don't quite agree, reshuffling or specifically ordering options both indicate you want to hide, that alone attracts interest, so maybe the best thing is to not be different from others? If the tracker has a copy of the randomisation function, usually just a few samples will suffice to identify both the function and the position of the sequence. As comparison, keys for cars with remote control use a 32bit pseudo random number for protection and two consecutive captures are enough to predict the next number (and steal the car). I wish I had the answer, all I have are some questions. On 31/08/15 20:56, Tomek Mrugalski wrote: > On 31.08.2015 16:20, Bernie Volz (volz) wrote: >> Ordering by option number seems a fine (and simpler) approach. The >> differences in options requested might still make fingerprinting >> possible (especially for clients that ask for more unusual options). > By sending options ordered you would disclose the desire for anonymity. > It is obvious from the first packet intercepted. > > Sten said that the randomization function might be recognizable. That's > technically true, but for all reasonably good randomizations it would > require gathering large number of packets before you could draw any > statistically significant conclusions. > > Christian said that the order of options comes from how the software > processes the packet. I understand that. But I think the conclusion > coming out of it is somewhat weak. You say that it's doable to order > options by option code but it's too much effort to randomly reshuffle > them? In both cases that would likely be a step conducted at the final > steps of packet processing, shortly before sending it over the wire. > > I still think that randomizing the order of both options and option > codes in PRL/ORO is the way to go. If you strongly object to that, > perhaps the text could say that the client SHOULD randomize, but if it's > not possible for whatever reason, it MAY send options/option codes > ordered by option number. > > Tomek > > > > _______________________________________________ > dhcwg mailing list > dhcwg@ietf.org > https://www.ietf.org/mailman/listinfo/dhcwg -- Best regards Sten Carlsen No improvements come from shouting: "MALE BOVINE MANURE!!!"
- [dhcwg] Order of options for DHCP Anonymity profi… Christian Huitema
- Re: [dhcwg] Order of options for DHCP Anonymity p… Sten Carlsen
- Re: [dhcwg] Order of options for DHCP Anonymity p… Bernie Volz (volz)
- Re: [dhcwg] Order of options for DHCP Anonymity p… Tomek Mrugalski
- Re: [dhcwg] Order of options for DHCP Anonymity p… Sten Carlsen
- Re: [dhcwg] Order of options for DHCP Anonymity p… Christian Huitema
- Re: [dhcwg] Order of options for DHCP Anonymity p… Sten Carlsen
- Re: [dhcwg] Order of options for DHCP Anonymity p… Christian Huitema
- Re: [dhcwg] Order of options for DHCP Anonymity p… Sten Carlsen