IETF Logo Mail Archive

Re: [TLS] Encrypting record headers: practical for TLS 1.3 after all?

Henrick Hellström <henrick@streamsec.se> Fri, 27 November 2015 16:22 UTC

Return-Path: <henrick@streamsec.se>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9FF3A1B35E5 for <tls@ietfa.amsl.com>; Fri, 27 Nov 2015 08:22:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.95
X-Spam-Level:
X-Spam-Status: No, score=-1.95 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q4B8aEsRKvgU for <tls@ietfa.amsl.com>; Fri, 27 Nov 2015 08:22:41 -0800 (PST)
Received: from vsp2.ballou.se (vsp2.ballou.se [91.189.40.83]) by ietfa.amsl.com (Postfix) with SMTP id 595431B35E3 for <tls@ietf.org>; Fri, 27 Nov 2015 08:22:40 -0800 (PST)
X-Halon-ID: 12f31b57-9523-11e5-976f-0050569222ec
X-Halon-Scanned: 7f4a955dd6f4c149d51110a345668da22aa82d04
Received: from nmail1.ballou.se (unknown [10.0.0.116]) by vsp2.ballou.se (Halon Mail Gateway) with ESMTP for <tls@ietf.org>; Fri, 27 Nov 2015 17:22:37 +0100 (CET)
Received: from [192.168.0.190] (c-1ec0e555.06-134-73746f39.cust.bredbandsbolaget.se [85.229.192.30]) (Authenticated sender: henrick@streamsec.se) by nmail1.ballou.se (Postfix) with ESMTPSA id 77160C93BB for <tls@ietf.org>; Fri, 27 Nov 2015 17:22:37 +0100 (CET)
References: <56586A2F.1070703@gmail.com>
To: tls@ietf.org
From: Henrick Hellström <henrick@streamsec.se>
Message-ID: <565882FE.80205@streamsec.se>
Date: Fri, 27 Nov 2015 17:21:18 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
MIME-Version: 1.0
In-Reply-To: <56586A2F.1070703@gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/2KzbWYrHh9tB8b6RBAO9P6_Z520>
Subject: Re: [TLS] Encrypting record headers: practical for TLS 1.3 after all?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: henrick@streamsec.se
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Nov 2015 16:22:43 -0000

On 2015-11-27 15:35, Bryan A Ford wrote:
> The idea of encrypting TLS record headers has come up before, the most
> important purpose being to hide record lengths and boundaries and make
> fingerprinting and traffic analysis harder.

How, exactly, would this be significantly harder? The adversary will 
still be able to tell when, and how much, TCP/IP data is sent between 
the peers. If there happens to be a revealing TLS record boundary in the 
middle of a TCP/IP packet, it would seem to me there is an 
implementation problem rather than a problem with the abstract protocol.

v2.29.0 | Report a Bug | By Email | System Status