Re: [Masque] Design team PR for QUIC-aware forwarding

Ben Schwartz <bemasc@meta.com> Fri, 26 January 2024 15:50 UTC

From: Ben Schwartz <bemasc@meta.com>
To: Martin Thomson <mt@lowentropy.net>
CC: MASQUE <masque@ietf.org>
Date: Fri, 26 Jan 2024 15:50:10 +0000
Message-ID: <SA1PR15MB4370B2B068270D4752B79696B3792@SA1PR15MB4370.namprd15.prod.outlook.com>
References: <62F6E4BF-7BF5-4829-B17B-F496C5ED934C@apple.com> <CAPDSy+6tV70pHAiKAjS=TXaFyoBT5EUABbvLkiwA4NJ4fEXRVQ@mail.gmail.com> <e92645ae-6015-4945-acbc-7d48927c3903@betaapp.fastmail.com>
In-Reply-To: <e92645ae-6015-4945-acbc-7d48927c3903@betaapp.fastmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/masque/LxHQppCYasKPmWaRkRsAJDeo42A>

We do scramble the first byte.  We don't scramble the first bit.

Keeping the 0x80 bit set to zero on the wire seems pretty important.  Otherwise, the proxy has no reliable way to distinguish scrambled packets from Long Header packets, with which they share a port.  Maybe it could use trial decryption with the Initial Keys, but that seems wasteful (and is not a QUIC Invariant).

An alternative would be to steal the Fixed Bit (0x40) for this purpose, but that bit is only fixed in QUICv1.

Regardless, as Antoine said, padding in Forwarded Mode is such an extremely weak defense that I don't think it's worth pursuing [1].  I would be happy to work with anyone who's interested in trying to design an HTTP transport that offers a real defense against traffic analysis, but I think Forwarded Mode would not be the starting point.

--Ben Schwartz

[1] https://github.com/ietf-wg-masque/draft-ietf-masque-quic-proxy/issues/92#issuecomment-1875677434
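As an added illustration (not code from the draft, the design team, or anyone in this thread) of why the Header Form bit matters to a port-sharing proxy: a demultiplexer that uses only the QUIC Invariants, a stand-in scramble that keeps the 0x80 bit clear, and the padding flag sketched in the quoted message below. The XOR keystream, the sample packet and the choice to leave the DCID readable are constructed assumptions for this sketch, not properties of the draft's transform.

```python
# Added illustration for this thread, not code from the draft or its authors. The
# "scramble" is a stand-in XOR keystream modelling only the property the thread relies
# on (the 0x80 bit of byte 0 stays clear); it is NOT the transform defined in
# draft-ietf-masque-quic-proxy. Leaving the DCID readable for routing is also assumed.

HEADER_FORM_BIT = 0x80  # QUIC Invariants (RFC 8999): 1 = Long Header, 0 = Short Header
FIXED_BIT = 0x40        # fixed to 1 only in QUIC v1 (RFC 9000); not an invariant

def demux(datagram: bytes, short_dcid_len: int):
    """What a port-sharing proxy can learn from a packet using only the invariants:
    (header form, version or None, Destination Connection ID)."""
    if datagram[0] & HEADER_FORM_BIT:
        version = int.from_bytes(datagram[1:5], "big")
        dcid_len = datagram[5]
        return "long", version, datagram[6:6 + dcid_len]
    return "short", None, datagram[1:1 + short_dcid_len]

def scramble(packet: bytes, keystream: bytes, dcid_len: int) -> bytes:
    """Stand-in transform: XOR the first byte and everything after the DCID, then
    restore the original Header Form bit so the packet still demuxes as Short Header."""
    out = bytearray(packet)
    for i, k in enumerate(keystream[:len(packet)]):
        if not 1 <= i <= dcid_len:      # skip the DCID bytes (assumption, see above)
            out[i] ^= k
    out[0] = (out[0] & ~HEADER_FORM_BIT & 0xFF) | (packet[0] & HEADER_FORM_BIT)
    return bytes(out)

def pad_with_form_bit_flag(scrambled: bytes, pad_len: int) -> bytes:
    """The quoted suggestion: flag padding with 0x80 and append a run of zeros
    terminated by a non-zero byte at the end of the packet."""
    if pad_len <= 0:
        return scrambled
    flagged = bytes([scrambled[0] | HEADER_FORM_BIT]) + scrambled[1:]
    return flagged + b"\x00" * (pad_len - 1) + b"\x01"

# Constructed sample: a 1-RTT Short Header packet carrying an 8-byte proxy-issued DCID.
DCID = bytes.fromhex("0102030405060708")
SHORT_PKT = bytes([FIXED_BIT | 0x01]) + DCID + bytes(range(20))
KEYSTREAM = bytes((i * 37 + 11) % 256 for i in range(len(SHORT_PKT)))  # constructed, deterministic

def demo():
    """Header form the proxy sees for: plain, scrambled, scrambled+flag-padded."""
    plain = demux(SHORT_PKT, 8)[0]
    scrambled = demux(scramble(SHORT_PKT, KEYSTREAM, 8), 8)[0]
    padded = demux(pad_with_form_bit_flag(scramble(SHORT_PKT, KEYSTREAM, 8), 4), 8)[0]
    return plain, scrambled, padded

if __name__ == "__main__":
    print(demo())  # ('short', 'short', 'long'): the flag makes the packet look like a Long Header
```

Once the flag is set, the proxy reads a bogus version and DCID from the payload, so it can neither recognise the packet as a forwarded one nor route it without falling back to trial decryption.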


________________________________
From: Masque <masque-bounces@ietf.org> on behalf of Martin Thomson <mt@lowentropy.net>
Sent: Thursday, January 25, 2024 10:09 PM
To: David Schinazi <dschinazi.ietf@gmail.com>; Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org>
Cc: MASQUE <masque@ietf.org>
Subject: Re: [Masque] Design team PR for QUIC-aware forwarding

So you don't scramble the first byte and you don't pad.

You know... there is a way to achieve both with minimal additional complexity and no additional overhead aside from any added padding:

If you encrypt the first byte, you can also use 0x80 to signal whether padding is present.  Then you can use a zero pad sequence terminated by a non-zero byte at either end of the packet (suggestion: the end).

On Fri, Jan 26, 2024, at 12:13, David Schinazi wrote:
> Thanks Tommy!
>
> In case it's helpful to others, here's a rendered diff between this
> branch and main:
> https://author-tools.ietf.org/diff?url_1=https://ietf-wg-masque.github.io/draft-ietf-masque-quic-proxy/draft-ietf-masque-quic-proxy.txt&url_2=https://ietf-wg-masque.github.io/draft-ietf-masque-quic-proxy/design-team/draft-ietf-masque-quic-proxy.txt
>
> David
>
> On Thu, Jan 25, 2024 at 2:23 PM Tommy Pauly
> <tpauly=40apple.com@dmarc.ietf.org> wrote:
>> Hi MASQUErs,
>>
>> On behalf of the design team for draft-ietf-masque-quic-proxy that was tasked with adding a proposal to add encryption on the forwarding path, I’d like to share the pull request to the document that represents the proposal of the team. This is largely what was presented at the last IETF meeting, adding support for negotiating protocol transforms, and defining the “scramble” transform.
>>
>> Here is the PR against the base document: https://github.com/ietf-wg-masque/draft-ietf-masque-quic-proxy/pull/99
>> Here is the rendered version: https://ietf-wg-masque.github.io/draft-ietf-masque-quic-proxy/design-team/draft-ietf-masque-quic-proxy.html
>>
>> Please take a look and feel free to add comments to the PR or the mailing list!
>>
>> Thanks,
>> Tommy (& David, Ben, Eric, Mirja, Antoine, & Tiru)

--
Masque mailing list
Masque@ietf.org
https://www.ietf.org/mailman/listinfo/masque