Re: Address privacy

Tom Herbert <tom@herbertland.com> Tue, 28 January 2020 03:11 UTC

From: Tom Herbert <tom@herbertland.com>
Date: Mon, 27 Jan 2020 19:10:57 -0800
Message-ID: <CALx6S36J5TPnXJQyMW2NUbQV6KL_oqUQ01m+BEzBJ+xcHpmQWw@mail.gmail.com>
Subject: Re: Address privacy
To: Fernando Gont <fgont@si6networks.com>
Cc: Nick Hilliard <nick@foobar.org>, 6man WG <ipv6@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/eQprBLMqfMVCBCNnJatTLnfByqI>

On Mon, Jan 27, 2020 at 5:36 PM Fernando Gont <fgont@si6networks.com> wrote:
>
> On 26/1/20 18:37, Nick Hilliard wrote:
> > Tom Herbert wrote on 26/01/2020 20:16:
> >> It's intuitive
> >> that a higher frequency of address rotation yields more privacy
> >
> > intuitive, but probably inaccurate because of the a priori assumption
> > that privacy is strongly associated with the endpoint identifier.
>
> In many cases, it is: you log in to fb with a given address, and reuse
> that address to do other stuff
>
Yes, that's the "always on" network application that would allow
address tracking and identification even at a high frequency of address
change. An exploit based on that is described in section 4.4 of
draft-herbert-ipv6-prefix-address-privacy-00. I believe the only way
to defeat this exploit would be a single-use (per-flow), uncorrelated
address.

Tom

>
>
> --
> Fernando Gont
> SI6 Networks
> e-mail: fgont@si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492