[Pearg] About hiding in crowds
Christian Huitema <huitema@huitema.net> Mon, 10 August 2020 23:25 UTC
To: pearg@irtf.org
References: <f49c190e-91a8-eaba-5069-4f39b95c75f6@cs.tcd.ie> <b8ab4ccf-ed8a-7b2b-c36d-bfb240aca54b@cs.tcd.ie>
Message-ID: <f6807aed-d494-4020-4d75-dcf73ad22d4f@huitema.net>
In-Reply-To: <b8ab4ccf-ed8a-7b2b-c36d-bfb240aca54b@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/0vZWzuD8RAiDR9GlhBMyGuuV_5I>
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
A lot of the privacy extensions recently developed amount to "hiding in crowds". For example, SNI encryption assumes that multiple servers are accessible through the same IP address. If the SNI is hidden, outside observers won't know which one was accessed. DNS encryption makes the same assumption in an indirect way. It assumes that we gain privacy by hiding the DNS exchange that maps www.example.com to an IP address. This is fine, except for the fact that most servers have their own IP address. You can hide the DNS exchange, you can hide the SNI, but outside observers will still be able to understand which servers you are accessing by simply looking at the address header. If we want real privacy, we will need something else!

How do I know? I started with the Majestic Million list of domain names, resolved 25,000 of these names, and found out that on average a given IP address was shared by about 1.21 names, as explained in: https://huitema.wordpress.com/2020/08/09/can-internet-services-hide-in-crowds/

And then I resolved the next 25,000 names to be more sure of the results. The average increased slightly, from 1.21 to 1.22, which does not change the results much. 74.6% of domains use an address that is unique to them, 8.7% use an address shared by 2 domains, and only 8% use an address shared by 10 or more servers.

DNS encryption and SNI encryption do bring privacy for a minority of connections, for which it may well be important. But they do not improve privacy in 75% of the cases.

I understand that privacy-warriors can use VPN, proxies or Tor. But these tools are far from perfect -- see the recent Sybil attacks against Tor, or the unveiling of shady business practices by many VPNs. In any case, these tools at best provide "privacy for a few active users". But that leaves aside the bulk of Internet users.

Thus my question for this program: how would we provide privacy for the masses?

-- Christian Huitema
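To make the measurement described in the post reproducible, here is an added Python example (not Christian's own code) that computes the same "crowd" statistics over a set of name-to-address resolutions: average names per address, and the share of domains whose address is unique, shared by exactly two names, or shared by ten or more. The resolutions below are constructed placeholders using RFC 5737 documentation addresses, and the example assumes one address per name (first A record), which is a simplification.

```python
import socket
from collections import Counter, defaultdict

# Constructed sample standing in for resolved Majestic Million names.
# 8 names on their own address, 2 sharing one address, 10 sharing one address.
SAMPLE_RESOLUTIONS = (
    [(f"solo{i}.example", f"192.0.2.{i}") for i in range(1, 9)]
    + [(f"pair{i}.example", "198.51.100.1") for i in range(1, 3)]
    + [(f"cdn{i}.example", "203.0.113.1") for i in range(1, 11)]
)


def resolve_first_address(name):
    """Resolve a name to its first IPv4 address, or None if resolution fails.

    Only needed when running against a real domain list; the sample above
    is used for the offline demonstration.
    """
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None


def crowd_stats(resolutions):
    """Crowd statistics for (name, address) pairs, one address per name.

    A domain's crowd size is the number of distinct names behind its address,
    i.e. the anonymity set an on-path observer sees when only the destination
    address is visible (DNS and SNI both hidden).
    """
    names_per_addr = defaultdict(set)
    for name, addr in resolutions:
        names_per_addr[addr].add(name)
    crowd = {name: len(names_per_addr[addr]) for name, addr in resolutions}
    n = len(crowd)
    by_size = Counter(crowd.values())  # crowd size -> number of domains
    return {
        "domains": n,
        "addresses": len(names_per_addr),
        "avg_names_per_address": n / len(names_per_addr),
        "frac_unique": by_size[1] / n,
        "frac_shared_by_2": by_size[2] / n,
        "frac_shared_by_10_plus": sum(c for k, c in by_size.items() if k >= 10) / n,
    }


if __name__ == "__main__":
    for key, value in crowd_stats(SAMPLE_RESOLUTIONS).items():
        print(f"{key}: {value}")
```

To reproduce the post's numbers, replace the sample with `[(n, resolve_first_address(n)) for n in names]` over the Majestic Million list, dropping names that return None.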