Re: [TLS] Malware (was Re: draft-green-tls-static-dh-in-tls13-01)

Jeffrey Walton <noloader@gmail.com> Mon, 17 July 2017 14:30 UTC

Return-Path: <noloader@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A898E131C17 for <tls@ietfa.amsl.com>; Mon, 17 Jul 2017 07:30:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 81StNve7uMo2 for <tls@ietfa.amsl.com>; Mon, 17 Jul 2017 07:30:57 -0700 (PDT)
Received: from mail-oi0-x22a.google.com (mail-oi0-x22a.google.com [IPv6:2607:f8b0:4003:c06::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 50125131C10 for <tls@ietf.org>; Mon, 17 Jul 2017 07:30:50 -0700 (PDT)
Received: by mail-oi0-x22a.google.com with SMTP id q4so34337775oif.1 for <tls@ietf.org>; Mon, 17 Jul 2017 07:30:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:reply-to:in-reply-to:references:from:date:message-id :subject:to:cc:content-transfer-encoding; bh=D/g/Hkj9m4L/f3G2y1/RdmNylQ5hxMM/sgQr9xTQOFw=; b=Lzg28Q2u3WynXh42cfKicg2ONOcIqI8HNYKKxcFjkkBbDzHkkaVGXNN26jaaQIzhhO GvkFtbKKgtPYdMJIy8kKtLyI1YUb0foLlP3DV97XWFAAQT4jTWVaRol+7Q61CTf1Mqwc +0g3JaVjMLWBoqg0JRucjWr66k6KgBcuTXHB+6H2WmgULr5R+pNsQaYUk4NEdxDy2v9i Hz1n66Xy0qDvFOk/aaZWLitzVKkVBGplLdsl5c9ipc4N4s5E+l7nLvrKWh1LHLPqUN/q PgDqbv2E1fDnbh8IWnn3dhvIX4EXrTV29VzBD3Qwb74AqafkVJLluKTPPEqtnm2VtYHK mgzA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :from:date:message-id:subject:to:cc:content-transfer-encoding; bh=D/g/Hkj9m4L/f3G2y1/RdmNylQ5hxMM/sgQr9xTQOFw=; b=uP2gRmtR3c7WZB3uuKjhy6vCcWD2ooJXE/Egw/999GrtZFLOPSIc+M7GdQtOU44Fyp G04hMMuLeINMYAKxf3rVIbLA3VSJsmqp8gwWYPiapybmRTFh/SSTVNl9m/imfmDMf8Zv G7ofqkqd+4mSd//+fSvVhLIAu+o9aeNSrZqY9XfsMbGldgnOHp3DbHZhwzD9lFMK8c8E xMJF4hzxW6/lE0DokSqIdCsSC8GqENodV1b69SMUcIXnCDZHdTutMgjpXdHyMb+RlB9x stmX4cZLp6VnOMipV2WK9NzrfhLnqUWx405mIZDIR4CCGwyX6ZE7pb3XHMqLDvO4ywT9 WAHA==
X-Gm-Message-State: AIVw1133Y1ywDotYzGaQMTI4Spdw6ZOo4F5FQUtPiuN3nj/1GQYWq9fC +WkeCaxi7/D26FCpQWbKAypUcaTA0g==
X-Received: by 10.202.75.84 with SMTP id y81mr522930oia.141.1500301849591; Mon, 17 Jul 2017 07:30:49 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.74.5.6 with HTTP; Mon, 17 Jul 2017 07:30:49 -0700 (PDT)
Reply-To: noloader@gmail.com
In-Reply-To: <66C1C32C-53C2-43A4-BCB0-96DDC26A1F58@ll.mit.edu>
References: <CABkgnnU8ho7OZpeF=BfEZWYkt1=3ULjny8hcwvp3nnaCBtbbhQ@mail.gmail.com> <2A9492F7-B5C5-49E5-A663-8255C968978D@arbor.net> <CABkgnnX7w0+iH=uV7LRKnsVokVWpCrF1ZpTNhSXsnZaStJw2cQ@mail.gmail.com> <FDDB46BC-876C-49FC-9DAE-05C61BB5EFC9@vigilsec.com> <9C81BE7B-7C21-4504-B60D-96BA95C3D2FD@arbor.net> <CAEa9xj55jzch-v0mysbRSryNM0Y7Bdtevmrc3+FVxMO8EP5zWA@mail.gmail.com> <CC3CE5F8-C8C2-4A70-829D-483E26D20733@arbor.net> <CAEa9xj5eR6b_+CsSDArMWWr-u8hx5B81kDVEMEX8sgfUeMUS8g@mail.gmail.com> <C3B01C35-E3A2-4A8B-9DD7-D6E4153ED39F@arbor.net> <CAEa9xj6p0y9ZzxLJvtv9GDzzfs5s13nnLqm=4_fNDPGV+=Od8Q@mail.gmail.com> <BE4E8E4A-51FC-4211-A16F-EBA8B3F01757@arbor.net> <66C1C32C-53C2-43A4-BCB0-96DDC26A1F58@ll.mit.edu>
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 17 Jul 2017 10:30:49 -0400
Message-ID: <CAH8yC8=GwqYmNTE2vL7DqPNRwnGHnbAaQeKOcUsn+jpCADkRdg@mail.gmail.com>
To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
Cc: IETF TLS <tls@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/53kU7NRj9kVYGBeMQsZPBk_JDMg>
Subject: Re: [TLS] Malware (was Re: draft-green-tls-static-dh-in-tls13-01)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Jul 2017 14:30:59 -0000

On Mon, Jul 17, 2017 at 10:23 AM, Blumenthal, Uri - 0553 - MITLL
<uri@ll.mit.edu> wrote:
>       And why are you unable to understand that that in the case of an additional layer of
> attacker-generated crypto nestled within a TLS tunnel, as you posited, that the ability
> to simply detect the presence of such an additional layer of unexpected crypto, even
> without the ability to immediately decrypt it, has substantial value in a security context?
>
> It may, or it may not – depending on the sophistication of your adversary. It is not given that you’d be able to “simply detect the presence of an additional crypto layer”, particularly if measures are taken to hide it.

+1.

For example, Rule of 2 in Fishbowl encryption:
https://en.wikipedia.org/wiki/Multiple_encryption.

And since WebCrypto is [mostly] standardized, sometimes it will happen
as JavaScript is encryption applied to the protected stream that
inadvertently gets TLS encryption applied. Its just a matter of time
before it trickles into components like RabbitMQ.

Jeff