Re: [E2ee] Reducing Plaintext Metadata in E2EE Systems
Matthew Finkel <sysrqb@torproject.org> Tue, 19 October 2021 17:54 UTC
Return-Path: <sysrqb@torproject.org>
X-Original-To: e2ee@ietfa.amsl.com
Delivered-To: e2ee@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C324E3A08ED for <e2ee@ietfa.amsl.com>; Tue, 19 Oct 2021 10:54:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ko6_FobQxgpF for <e2ee@ietfa.amsl.com>; Tue, 19 Oct 2021 10:54:01 -0700 (PDT)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7EB543A08EB for <e2ee@ietf.org>; Tue, 19 Oct 2021 10:54:00 -0700 (PDT)
Received: from fews2.riseup.net (fews2-pn.riseup.net [10.0.1.84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mail.riseup.net", Issuer "R3" (not verified)) by mx1.riseup.net (Postfix) with ESMTPS id 4HYhFL26nrzDrhG; Tue, 19 Oct 2021 10:53:58 -0700 (PDT)
X-Riseup-User-ID: 59CBEEC4919343F3AC686D688485E7764818AF1B5AE29BA1F23CDC91072BDA6E
Received: from [127.0.0.1] (localhost [127.0.0.1]) by fews2.riseup.net (Postfix) with ESMTPSA id 4HYhFF5vd5z1yW8; Tue, 19 Oct 2021 10:53:52 -0700 (PDT)
Date: Tue, 19 Oct 2021 17:53:46 +0000
From: Matthew Finkel <sysrqb@torproject.org>
To: Mallory Knodel <mknodel@cdt.org>
Cc: e2ee@ietf.org
Message-ID: <20211019175346.jum267c5wwz7syyc@localhost>
References: <20210729141230.p62bwxrh6shysjkq@localhost> <ae81d84b-3c1a-ed51-4f77-11e280a507c0@cdt.org> <a08d9340-406d-4ba4-af5d-bcf1ca1bfeaf@cdt.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <a08d9340-406d-4ba4-af5d-bcf1ca1bfeaf@cdt.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/e2ee/ARnVJBJXeXiJr1cXMTDoFSxMc0M>
Subject: Re: [E2ee] Reducing Plaintext Metadata in E2EE Systems
X-BeenThere: e2ee@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of the definition of end-to-end encryption." <e2ee.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/e2ee>, <mailto:e2ee-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/e2ee/>
List-Post: <mailto:e2ee@ietf.org>
List-Help: <mailto:e2ee-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/e2ee>, <mailto:e2ee-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Oct 2021 17:54:06 -0000
Hi Mallory, That's great, thank you! I apologize for dropping this. Thanks, Matthew On Tue, Oct 19, 2021 at 11:44:21AM -0400, Mallory Knodel wrote: > Hi Matthew, > > I added a section under Optional/desirable features that says: > > Metadata obfuscation: Steps should be taken to minimize metadata such as > user obfuscating IP addresses, reducing non-routing metadata, and avoiding > extraneous message headers can enhance the confidentiality and security > features of E2EE systems. > > -Mallory > > On 7/29/21 10:27 AM, Mallory Knodel wrote: > > Thanks a lot Matthew, > > > > I agree that this should be a goal. Not all of the features should or > > could be part of every e2ee system, but the draft should demonstrate the > > "trajectory" of where the technology goes ideally. > > > > Please do create a PR, I would be happy to review and merge. > > > > -Mallory > > > > On 7/29/21 10:12 AM, Matthew Finkel wrote: > > > Hi all, > > > > > > This draft is very valuable, thanks to the authors for writing it. I'd > > > like to call more attention to the importance of reducing plaintext > > > metadata. The current draft contains: > > > > > > Existing protocols are vulnerable to meta-data analysis, even though > > > meta-data is often much more sensitive than content. Meta-data is > > > plaintext information that travels across the wire and includes > > > delivery-relevant details that central servers need such as the > > > account identity of end-points, timestamps, message size. Meta-data > > > is difficult to obfuscate efficiently. > > > > > > The phrasing of this paragraph leads me to wonder if obfuscation of > > > metadata should be included as a desirable feature. I don't mean to > > > imply it's possible to eliminate leaking all metadata in all E2EE > > > systems, but there is often some low-hanging fruit, like IP addresses or > > > non-routing metadata, that an E2EE system can try to protect or > > > obfuscate; e.g., MASQUE/OHTTP/Tor for IP addresses, and [0][1] for > > > protecting some extraneous message headers. I can open a PR if this is > > > helpful. > > > > > > Thanks, > > > Matthew Finkel > > > > > > [0] https://datatracker.ietf.org/doc/html/draft-autocrypt-lamps-protected-headers > > > [1] https://signal.org/blog/sealed-sender/ > > > > -- > Mallory Knodel > CTO, Center for Democracy and Technology > gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271 BD3C C780 > > -- > E2ee mailing list > E2ee@ietf.org > https://www.ietf.org/mailman/listinfo/e2ee
- Re: [E2ee] Reducing Plaintext Metadata in E2EE Sy… Mallory Knodel
- [E2ee] Reducing Plaintext Metadata in E2EE Systems Matthew Finkel
- Re: [E2ee] Reducing Plaintext Metadata in E2EE Sy… Mallory Knodel
- Re: [E2ee] Reducing Plaintext Metadata in E2EE Sy… Matthew Finkel