Re: HTTP/2 and Pervasive Monitoring
"Poul-Henning Kamp" <phk@phk.freebsd.dk> Sun, 17 August 2014 08:28 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD9261A0787 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 17 Aug 2014 01:28:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.57
X-Spam-Level:
X-Spam-Status: No, score=-7.57 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.668, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ia1gcr4WcWJP for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 17 Aug 2014 01:28:04 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C3FB31A0784 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sun, 17 Aug 2014 01:28:04 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1XIvm1-00008s-5m for ietf-http-wg-dist@listhub.w3.org; Sun, 17 Aug 2014 08:25:09 +0000
Resent-Date: Sun, 17 Aug 2014 08:25:09 +0000
Resent-Message-Id: <E1XIvm1-00008s-5m@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <phk@phk.freebsd.dk>) id 1XIvla-00074K-QR for ietf-http-wg@listhub.w3.org; Sun, 17 Aug 2014 08:24:44 +0000
Received: from phk.freebsd.dk ([130.225.244.222]) by maggie.w3.org with esmtp (Exim 4.72) (envelope-from <phk@phk.freebsd.dk>) id 1XIvlZ-0001gL-Vo for ietf-http-wg@w3.org; Sun, 17 Aug 2014 08:24:42 +0000
Received: from critter.freebsd.dk (unknown [192.168.60.3]) by phk.freebsd.dk (Postfix) with ESMTP id 4C5201598; Sun, 17 Aug 2014 08:24:20 +0000 (UTC)
Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.14.9/8.14.9) with ESMTP id s7H8OHKM014358; Sun, 17 Aug 2014 08:24:19 GMT (envelope-from phk@phk.freebsd.dk)
To: Amos Jeffries <squid3@treenet.co.nz>
cc: ietf-http-wg@w3.org
In-reply-to: <53F04169.1050507@treenet.co.nz>
From: Poul-Henning Kamp <phk@phk.freebsd.dk>
References: <38BD57DB-98A9-4282-82DD-BB89F11F7C84@mnot.net> <CAH_y2NFr16YJEsN-=zUWjEdywuLpuOVijFmybjbXZtAE4LTMdg@mail.gmail.com> <DE8B5174-864A-4514-B2DC-6F1742535A8C@mnot.net> <CAH_y2NHOspsVugNZZgvD3XMZ522PzNkTRMS1dapcRDWQCL5ZsQ@mail.gmail.com> <8622.1408147394@critter.freebsd.dk> <53EEA563.4020703@cs.tcd.ie> <9932.1408170013@critter.freebsd.dk> <53EF3419.60207@cs.tcd.ie> <53F04169.1050507@treenet.co.nz>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <14356.1408263857.1@critter.freebsd.dk>
Date: Sun, 17 Aug 2014 08:24:17 +0000
Message-ID: <14357.1408263857@critter.freebsd.dk>
Received-SPF: none client-ip=130.225.244.222; envelope-from=phk@phk.freebsd.dk; helo=phk.freebsd.dk
X-W3C-Hub-Spam-Status: No, score=-3.8
X-W3C-Hub-Spam-Report: AWL=-3.082, RP_MATCHES_RCVD=-0.668
X-W3C-Scan-Sig: maggie.w3.org 1XIvlZ-0001gL-Vo 550d7d9b3b13ef478119a4087cf6731b
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP/2 and Pervasive Monitoring
Archived-At: <http://www.w3.org/mid/14357.1408263857@critter.freebsd.dk>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/26635
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
-------- In message <53F04169.1050507@treenet.co.nz>, Amos Jeffries writes: >For my part, I do not believe that timing assertions in the argument are >sufficiently long. > >- 250ms is only the normal network lag of a connection That's not a relevant metric. Imagine NSA buys 10 million CPUs dedicated CPUs for breaking HTTP whitening. These would be above and beyond what they currently use for the plain-text HTTP PM, it's not a trivial cost. At a cpu cost of 250 msec/connection, they can break: 10e6 / .25 = 40 million HTTP connections a second. According to Netcraft, there are north of 100 million active sites on the web. If, on average, they each get connection every other second, NSA will no longer be able to see all the traffic, and therefore, in strict mathematical terms it is no longer PM. In practice it would still be, because NSA doesn't need to see all traffic to pornsites, netflix, major news sites etc, and that amounts to about 80% of all HTTP today. This introduces a scaling factor of about 5-10 in NSAs favour. But all we need to know is how many HTTP connections there are globally per second and how many CPUs NSA would be able to dedicate to un-whitening, and do a division. Unfortunately, neither number is readily available. My back-of-the-envelope calculation came out to around a quarter of a second which I estimate is about 32 bits of key. Your BOTE numbers will vary, and I'd love to hear them. But the conclusion is evident: It doesn't take much work to make PM uneconomical. Poul-Henning PS: A interesting point here is that NSA is not limited in space but in money and energy. We should really be talking about how many cents and Joule it takes to break a TCP connection. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
- HTTP/2 and Pervasive Monitoring Mark Nottingham
- Re: HTTP/2 and Pervasive Monitoring Amos Jeffries
- Re: HTTP/2 and Pervasive Monitoring Greg Wilkins
- RE: HTTP/2 and Pervasive Monitoring K.Morgan
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Mark Nottingham
- Re: HTTP/2 and Pervasive Monitoring Mark Nottingham
- Re: HTTP/2 and Pervasive Monitoring Eliot Lear
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Martin Nilsson
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- RE: HTTP/2 and Pervasive Monitoring Albert Lunde
- Re: HTTP/2 and Pervasive Monitoring Cory Benfield
- Re: HTTP/2 and Pervasive Monitoring Erik Nygren
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Roland Zink
- Re: HTTP/2 and Pervasive Monitoring Martin Thomson
- Re: HTTP/2 and Pervasive Monitoring Brian Smith
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Eliot Lear
- Re: HTTP/2 and Pervasive Monitoring Greg Wilkins
- Re: HTTP/2 and Pervasive Monitoring Greg Wilkins
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Stephen Farrell
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Roland Zink
- Re: HTTP/2 and Pervasive Monitoring Stephen Farrell
- Re: HTTP/2 and Pervasive Monitoring Amos Jeffries
- Re: HTTP/2 and Pervasive Monitoring Eliot Lear
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Ilari Liusvaara
- Re: HTTP/2 and Pervasive Monitoring Mark Nottingham
- Re: HTTP/2 and Pervasive Monitoring Greg Wilkins
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Martin Thomson
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Martin Thomson
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp