Re: [ippm] Alissa Cooper's No Objection on draft-ietf-ippm-6man-pdm-option-09: (with COMMENT)
Nalini J Elkins <nalini.elkins@insidethestack.com> Mon, 03 July 2017 01:17 UTC
Return-Path: <nalini.elkins@insidethestack.com>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F2F1129AD5 for <ippm@ietfa.amsl.com>; Sun, 2 Jul 2017 18:17:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.411
X-Spam-Level:
X-Spam-Status: No, score=0.411 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FORGED_MUA_MOZILLA=2.309, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yahoo.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZmAZGpjQxpeb for <ippm@ietfa.amsl.com>; Sun, 2 Jul 2017 18:17:50 -0700 (PDT)
Received: from sonic329-27.consmr.mail.gq1.yahoo.com (sonic329-27.consmr.mail.gq1.yahoo.com [98.137.67.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0341A127601 for <ippm@ietf.org>; Sun, 2 Jul 2017 18:17:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1499044667; bh=Kq+wi8wpsuPscy3lCDp01mfBXBa5Y0fmo4k0GBdyKF4=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:From:Subject; b=hqqs6wwM0LYsXopMlNQR06pFXrpOlRGxbZkCjn5XYvzb8BSGVX4Pl3m3Xy1Ukm4SW63kndopujIxs/hvCD6UDi5xNSSP1xVghH8UTvU9Vbw9d4QPHjJ7D2e4yC3IBrtMaVObnLuhtm4ahpnLVEXsd4GhFMbLimeIxB4znhG2wBzgJ/A/y9fU/t3e/FPAfLNXHeSG2Xcng0HkDJ+AqQVxNzO3rykjOz+nq8DTJ+ryPeBkmEG4871aybyN/IKjBjEPFF+kv031ZBrFvqKHcQoXNb2thon/VcySAQbT5rCPf9aXdhvUHvFHLFwgedPOtAFs0wvBodo2ZWvyKGnevd9zQA==
X-YMail-OSG: K6LECzYVM1nG8A2vMrdd1ML5Qhm73wj1cucFUGFtcvsZdWmueALy4YCnojAyUpP ftJM1IrYJxv5e6l4LccAbm8aIZ855gxM2boukshn4x1hhvUAjfI8jsLOAZtphWefBAHsnPK0N7dh JZl2onlsRL_ZSjMqBU3xt6_pO1iOlOSnX4uSSIP5VfwG002aEk6ib120DUxkbl_IJCKGMYixSuaP NJ7u9Nx9taq17dP9GXqrVhkGSUnBbzoac9C1xte3s9SLUo9gxz_s0M_l3SVAuGPtRJtQCUIgsFXZ EtNmIA6r1p9TJfgcStbflqzGDeoz_nwSuNEnS4aH68PJovUvak4iS_3tCRoJfPxwdmwM9VgsAsP1 fchQbGWy8y2bfLGkNwhTn96FNolNZMPoVB77gpSf7eCENvBep9VTnhgDsxRLsQbPFcic7m43WGXC bxnwWuUWFORw9XoO1BgVrKh5S_dsarZ.HAd9SLReC9RbyEGX5o6gtEXOvuT5p6oT0ETfQ1JYxzyg pVKE4phxFtqRS72x3IspzN_a9xtKQ2bLdQkfLwWn_Oici.xAsmnukoxb0hxO3p4TU9CP4mxOaqM1 prJdEEHTpLeig7eKX5enTE9cgTq7KSzkNY6Qu.OHuSX81N60RZEpT8_8lZUw-
Received: from sonic.gate.mail.ne1.yahoo.com by sonic329.consmr.mail.gq1.yahoo.com with HTTP; Mon, 3 Jul 2017 01:17:47 +0000
Date: Mon, 03 Jul 2017 01:17:46 +0000
From: Nalini J Elkins <nalini.elkins@insidethestack.com>
Reply-To: Nalini J Elkins <nalini.elkins@insidethestack.com>
To: Alissa Cooper <alissa@cooperw.in>
Cc: IESG <iesg@ietf.org>, "draft-ietf-ippm-6man-pdm-option@ietf.org" <draft-ietf-ippm-6man-pdm-option@ietf.org>, Bill Cerveny <ietf@wjcerveny.com>, "ippm-chairs@ietf.org" <ippm-chairs@ietf.org>, "acmorton@att.com" <acmorton@att.com>, "ippm@ietf.org" <ippm@ietf.org>
Message-ID: <663212182.3082331.1499044666769@mail.yahoo.com>
In-Reply-To: <4F5FBC6F-F92A-4A28-9A22-3EE9DD541CC4@cooperw.in>
References: <149200885746.15718.798617550888585150.idtracker@ietfa.amsl.com> <922169529.4233696.1495466806431@mail.yahoo.com> <4F5FBC6F-F92A-4A28-9A22-3EE9DD541CC4@cooperw.in>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_Part_3082330_1991347944.1499044666767"
X-Mailer: WebService/1.1.9978 YahooMailNeo Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/7d5KQQpU1c_sX6Hs4uBE9rOORXQ>
Subject: Re: [ippm] Alissa Cooper's No Objection on draft-ietf-ippm-6man-pdm-option-09: (with COMMENT)
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Jul 2017 01:17:51 -0000
Alissa, > Thanks, this seems better to me. Thanks so much for your response. The current draft-13 (https://datatracker.ietf.org/doc/draft-ietf-ippm-6man-pdm-option/) contains the accepted new language below and has some additions to further explain the payload. I believe that your comments are integrated into the wording. Accepted language ------------------------ As far as deducing the content of the payload, it is conceivable that an attacker could attempt to deduce the type of application in use by noting the server time and payload length. Having said that,some encryption algorithms attempt to obfuscate the packet length to avoid just such vulnerabilities. In the future, encryption algorithmsmay wish to obfuscate the server time as well. Language in draft-13 ----------------------As far as deducing the content of the payload, in terms of theapplication level information such as web page, user name, userpassword and so on, it appears to us that PDM is quite unhelpful inthis regard. Having said that, the ability to separate wire-time from processing time may potentially provide an attacker with additional information. It is conceivable that an attacker could attempt to deduce the type of application in use by noting the server time and payload length. Some encryption algorithms attempt to obfuscate the packet length to avoid just such vulnerabilities. In the future, encryption algorithms may wish to obfuscate the server time as well. Thanks, Nalini >On May 22, 2017, at 11:26 AM, Nalini J Elkins <nalini.elkins@insidethestack.com> wrote: > >>Alissa, > > >>Please let me know if you are OK with the proposed change. > > > > >>>Alissa Cooper has entered the following ballot position for > >>>draft-ietf-ippm-6man-pdm-option-09: No Objection > > > > > >>>Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > >>>for more information about IESG DISCUSS and COMMENT positions. > > > > > >>>The document, along with other ballot positions, can be found here: > >>>https://datatracker.ietf.org/doc/draft-ietf-ippm-6man-pdm-option/ > > > > > > > >>>---------------------------------------------------------------------- > >>>COMMENT: > >>>---------------------------------------------------------------------- > > > >>>The analysis in Sec 4.2 seems to be missing some considerations. In cases > >>>where the packet payload is encrypted and the attacker does not have > >>>access to the keys, the attacker does not in fact have access to the > >>>entire packet, in which case PDM provides more information than a packet > >>>without PDM. Also in those cases, it seems like including PDM information > >>>would generally make a packet stream more susceptible to traffic analysis > >>>insofar as the timing and sequence information may provide additional > >>>indicators about the type of application in use, not just the speed of > >>>the end host. > > > > > >Are you OK if I do the following: > > > > >OLD >------ > Since PDM passes in the clear, a concern arises as to whether the > data can be used to fingerprint the system or somehow obtain > information about the contents of the payload. > > > Let us discuss fingerprinting of the end host first. It is possible > that seeing the pattern of deltas or the absolute values could give > some information as to the speed of the end host - that is, if it is > a very fast system or an older, slow device. This may be useful to > the attacker. However, if the attacker has access to PDM, the > attacker also has access to the entire packet and could make such a > deduction based merely on the time frames elapsed between packets > WITHOUT PDM. > > > As far as deducing the content of the payload, it appears to us that > PDM is quite unhelpful in this regard. > > > > > > >New >------ > > >Since PDM passes in the clear, a concern arises as to whether the > >data can be used to fingerprint the system or somehow obtain >information about the contents of the payload. > > >Let us discuss fingerprinting of the end host first. It is possible >that seeing the pattern of deltas or the absolute values could give >some information as to the speed of the end host - that is, if it is >a very fast system or an older, slow device. This may be useful to >the attacker. However, if the attacker has access to PDM, the >attacker also has access to the entire packet and could make such a >deduction based merely on the time frames elapsed between packets >WITHOUT PDM. > > >As far as deducing the content of the payload, it is conceivable >that an attacker could attempt to deduce the type of application in >use by noting the server time and payload length. Having said that, >some encryption algorithms attempt to obfuscate the packet length >to avoid just such vulnerabilities. In the future, encryption algorithms >may wish to obfuscate the server time as well. > > > > > >
- [ippm] Alissa Cooper's No Objection on draft-ietf… Alissa Cooper
- Re: [ippm] Alissa Cooper's No Objection on draft-… Nalini J Elkins
- Re: [ippm] Alissa Cooper's No Objection on draft-… Spencer Dawkins at IETF
- Re: [ippm] Alissa Cooper's No Objection on draft-… Alissa Cooper
- Re: [ippm] Alissa Cooper's No Objection on draft-… Nalini J Elkins