Re: [tcpm] Privacy problems of TCP Fast Open

Michael Welzl <michawe@ifi.uio.no> Tue, 21 May 2019 09:40 UTC

Return-Path: <michawe@ifi.uio.no>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7013C120048 for <tcpm@ietfa.amsl.com>; Tue, 21 May 2019 02:40:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id riHAvURdDsPs for <tcpm@ietfa.amsl.com>; Tue, 21 May 2019 02:40:03 -0700 (PDT)
Received: from mail-out02.uio.no (mail-out02.uio.no [IPv6:2001:700:100:8210::71]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D92EA120142 for <tcpm@ietf.org>; Tue, 21 May 2019 02:40:02 -0700 (PDT)
Received: from mail-mx12.uio.no ([129.240.10.84]) by mail-out02.uio.no with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.91) (envelope-from <michawe@ifi.uio.no>) id 1hT1FW-000Cm7-Na; Tue, 21 May 2019 11:39:58 +0200
Received: from boomerang.ifi.uio.no ([129.240.68.135]) by mail-mx12.uio.no with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) user michawe (Exim 4.91) (envelope-from <michawe@ifi.uio.no>) id 1hT1FV-000DKS-PX; Tue, 21 May 2019 11:39:58 +0200
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Michael Welzl <michawe@ifi.uio.no>
In-Reply-To: <4e151b52-cd6d-7145-4e0f-94c6f94eb20b@informatik.uni-hamburg.de>
Date: Tue, 21 May 2019 11:39:55 +0200
Cc: Michael Tuexen <michael.tuexen@lurchi.franken.de>, tcpm IETF list <tcpm@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <7B148CBB-3D8A-4D29-BCA7-0B241E548D4E@ifi.uio.no>
References: <ba3887b6-1554-9a67-8834-4bb598cf18f0@informatik.uni-hamburg.de> <fd9f22b0-03ee-a1ef-ee97-02a93bf2648b@informatik.uni-hamburg.de> <4194EE28-DCDF-46A3-8D26-5920E55040FD@lurchi.franken.de> <4e151b52-cd6d-7145-4e0f-94c6f94eb20b@informatik.uni-hamburg.de>
To: sy@informatik.uni-hamburg.de
X-Mailer: Apple Mail (2.3445.9.1)
X-UiO-SPF-Received: Received-SPF: neutral (mail-mx12.uio.no: 129.240.68.135 is neither permitted nor denied by domain of ifi.uio.no) client-ip=129.240.68.135; envelope-from=michawe@ifi.uio.no; helo=boomerang.ifi.uio.no;
X-UiO-Spam-info: not spam, SpamAssassin (score=-5.0, required=5.0, autolearn=disabled, UIO_MAIL_IS_INTERNAL=-5, uiobl=NO, uiouri=NO)
X-UiO-Scanned: 5A1B826E94BB3C4242CAB74D7415A8435CEDAD09
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/WGjxYvqnMC5NzMHRp7I9Clo7trM>
Subject: Re: [tcpm] Privacy problems of TCP Fast Open
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 May 2019 09:40:15 -0000

Hi all,

I'm about to make a fool of myself because I'm quite certain that I'm missing something.
But, I guess this is worth the risk - somehow I'm not risking much, as most people on this list already know me well enough to not be surprised by another foolish idea coming from me   :)


So...


Actually, couldn't we just remove the cookie from TFO?


As far as I understand, the main point of the cookie is to protect the server against clients that might spoof their IP addresses and just send tons of requests to the server - which could potentially be much heavier to handle than just the SYN state without TFO.
To some degree, this is an OS problem, not a network problem: methods could be in place to limit the time an application spends answering requests that are carried on SYNs. My question is: wouldn't that be enough?

A few years ago, I'm sure that such a proposal would have been shot by people saying that data carried by TCP is general and TCP must serve all applications, and that we can't have that kind of special treatment for data arriving via SYNs.
However, TFO has already departed from this generality, in several ways: applications using it must be able to handle incoming duplicate requests; they need to use special API calls to access the data; importantly (for the point I'm making), rate limits should already be in place when using TFO (RFC 7413, section 5.1).

So what I'm proposing is: couldn't we re-write TFO to just remove the Cookie from it, and say: "it's allowed for applications to accept data that comes with a SYN right away, but this must be done in a special way (as already described in RFC 7413), and in particular, the time an application spends processing TFO requests must be limited to avoid being DDoSed?"

If a server is overloaded and can't process any more TFO data, the result could be that it just doesn't answer at all, and the client would then retransmit the SYN, just as if the SYN had been dropped.


Cheers,
Michael



> On 21 May 2019, at 09:52, Erik Sy <sy@informatik.uni-hamburg.de>; wrote:
> 
> Hi Michael,
> 
> thanks for this question!
> 
> Yes, TFO cookies are bound to the clients (local) IP address. However, a
> client with a static local IP address in a home network will use the
> same TFO cookie independently of it's publicly visible IP address. As a
> result, TFO cookies present an independent tracking mechanism, which
> does not necessarily rely on the client's publicly visible IP address.
> 
> Returning to your example, onion routing does not necessarily protect
> you against tracking via TFO cookies.
> 
> Best regards,
> Erik
> 
> On 5/21/19 09:13, Michael Tuexen wrote:
>>> On 20. May 2019, at 23:19, Erik Sy <sy@informatik.uni-hamburg.de>; wrote:
>>> 
>>> I think it is important to warn users about the privacy risks of RFC
>>> 7413. For example, Mozilla reacted to the privacy problems of TCP Fast
>>> Open by deprecating this protocol on all it's Firefox branches. In
>>> total, TCP Fast Open has significant issues with respect to user
>>> privacy, performance and deployment on the real-world Internet. From my
>>> point of view, it is about time to deprecate RFC 7413.
>> Hi Eric,
>> 
>> my understanding is that a cookie is specific to a client address, a server
>> address and a server port. So it would make sense for a client to remove
>> entries from the cookie cache on an address change. Assuming that, how
>> does your described host based attacks relate to the server just using
>> the client IP address for tracking? If you are trying to hide you IP-address
>> (like using a TOR browser) you don't want to use TFO, but you are not
>> optimising for small RTTs in that case, so it makes no sense in that case.
>> 
>> Best regards
>> Michael
>>> Regards,
>>> Erik
>>> 
>>> On 5/10/19 14:14, Erik Sy wrote:
>>> 
>>>> Hi everyone,
>>>> 
>>>> TCP Fast Open has significant privacy problems which are not considered
>>>> in RFC 7413.
>>>> For example, this protocol allows a passive network observer to
>>>> correlate connections established by the same client, which protocols
>>>> such as TLS 1.3 and QUIC actively protect against. Furthermore, Fast
>>>> Open cookies present a kernel-based tracking mechanism which is quite
>>>> persistent. Amongst others, they can be used to conduct cross-browser
>>>> tracking on the same operating system.
>>>> For further details please refer to this article:
>>>> https://arxiv.org/pdf/1905.03518.pdf
>>>> 
>>>> I suggest, that the working group takes steps to highlight these privacy
>>>> problems of RFC 7413.
>>>> 
>>>> Regards,
>>>> Erik
>>>> 
>>>> _______________________________________________
>>>> tcpm mailing list
>>>> tcpm@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/tcpm
>>> _______________________________________________
>>> tcpm mailing list
>>> tcpm@ietf.org
>>> https://www.ietf.org/mailman/listinfo/tcpm
> 
> _______________________________________________
> tcpm mailing list
> tcpm@ietf.org
> https://www.ietf.org/mailman/listinfo/tcpm