Re: [TLS] The future devices that will break TLS 1.4
Christian Huitema <huitema@huitema.net> Sat, 13 January 2018 02:31 UTC
Return-Path: <huitema@huitema.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 01F52127201 for <tls@ietfa.amsl.com>; Fri, 12 Jan 2018 18:31:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JCqqqp8EGGAl for <tls@ietfa.amsl.com>; Fri, 12 Jan 2018 18:31:32 -0800 (PST)
Received: from mx43-out1.antispamcloud.com (mx43-out1.antispamcloud.com [138.201.61.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 15FCE1200F1 for <tls@ietf.org>; Fri, 12 Jan 2018 18:31:32 -0800 (PST)
Received: from xsmtp02.mail2web.com ([168.144.250.215]) by mx44.antispamcloud.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.89) (envelope-from <huitema@huitema.net>) id 1eaBbV-00017X-Uk for tls@ietf.org; Sat, 13 Jan 2018 03:31:30 +0100
Received: from [10.5.2.31] (helo=xmail09.myhosting.com) by xsmtp02.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from <huitema@huitema.net>) id 1eaBbS-00060B-MD for tls@ietf.org; Fri, 12 Jan 2018 21:31:27 -0500
Received: (qmail 31239 invoked from network); 13 Jan 2018 02:31:25 -0000
Received: from unknown (HELO [192.168.200.68]) (Authenticated-user:_huitema@huitema.net@[72.235.171.77]) (envelope-sender <huitema@huitema.net>) by xmail09.myhosting.com (qmail-ldap-1.03) with ESMTPA for <tls@ietf.org>; 13 Jan 2018 02:31:25 -0000
To: tls@ietf.org
References: <20180113000206.6bc36af6@pc1> <57CA48F7-CC49-42A3-AF9B-BCB4778264B2@gmail.com>
From: Christian Huitema <huitema@huitema.net>
Message-ID: <249425c3-780f-5850-366b-9d87d3b31af4@huitema.net>
Date: Fri, 12 Jan 2018 16:31:23 -1000
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <57CA48F7-CC49-42A3-AF9B-BCB4778264B2@gmail.com>
Content-Type: multipart/alternative; boundary="------------A7AF6E4B80A7E28D71700A06"
X-Originating-IP: 168.144.250.215
X-AntiSpamCloud-Domain: xsmtpout.mail2web.com
X-AntiSpamCloud-Username: 168.144.250.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=168.144.250.0/24@xsmtpout.mail2web.com
X-AntiSpamCloud-Outgoing-Class: unsure
X-AntiSpamCloud-Outgoing-Evidence: Combined (0.34)
X-Recommended-Action: accept
X-Filter-ID: EX5BVjFpneJeBchSMxfU5pfYl1fUtXrjLu44MmH8zRsXv9krsgRhBn0ayn6qsUc7RO6saVKtiei5 uUZjs8uJrOfHzJ6mVE7ewsipSVIfs4ad0MPP4nln6TksW2sQiSBALB67TLnlh9i6Dr2tTQ7u+oqs y1PKTVoO8Zj6z/ewaDOZ3JKVmi72ocgY5kMQSjs7Pk8VxOtUn7O9m8cCuN8HIa1B2N+xwNIm4bky rJMaAA8yXDZ4EHnDt87IyrZAC2/gfn4eyCwIWdDDlFG98+9qd+BFwYDEPnet1tXHsknHYhhwbzpt P1hS4Kj7E/EWE1j8sESBnZ29929fqpFFzBN0ceyPnEGyyfS0ggcDdodDMKpYg9ruAKOoPnwmy4wG 8XtJqWVYNxS4myu1gxnHJBnmumz49PzUWhdE3zEeQF2k5bdHrh2h0Pu50H7NzHw6NK3VYL8jvyeW A9EsRvV6CqjePBKOhcObZXWnkEw+6F9CGyavGztmOtIaM+D1rj/L7c8XBe6u0CoZukxEZzyzt1OR snzfTtng4rHS/8LBixaHDG3h9PobrbwB1Jj4vRnvuFdQKx3Zprq3ZEpafGy+zLjUntilh9dvYvV/ 5Pg3UZt3l4cobM5+AwD0A5qDgSPsXJ3GYnRqIO2TPU1F0bSG6T2DJZnHEeB4hpRrmo/duzUUp/L5 uD5BFwUsLzoxNE3Df89qzrjq4Hfr4ZhSwhJ40urz5XLYM3A6BXfvel8OEFDbU529jj6VuEkkQiOd 2CLFCAI+G45OmBNdsUklj47JM2Zh1oj2lB9TLiDMfXuvSrucRXry8B6sEcpHNQcjlAOoToGvpsib JQz6bCR19sO/++nnSqCDBedeB75TJ0VuxRY+unEnaeycva4NRXu2m3j3Y8zB9xGo0bndvIE+SDBs cm+vLiZuZ5OAUoGBziSYFLZuu6wTRhJez+ibxiREoUwadL3g
X-Report-Abuse-To: spam@quarantine5.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/9CsTwMZx36emANvSVNnd1qctW7U>
Subject: Re: [TLS] The future devices that will break TLS 1.4
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Jan 2018 02:31:34 -0000
On 1/12/2018 1:53 PM, Dan Wing wrote: > I'll dare to have a look into the future and make this imho very > plausible claim: > Cisco won't be the only vendor selling such things. We will see more > products that magically can identify "bad things" in TLS traffic by > applying everything from AI to Blockchain. Well, of course we will see such products. We know that it is possible to do a lot of pattern recognition based on properties of the encrypted traffic, as well as clear text parts of the headers. And we also know that there are lots of network managers that want to understand what's happening in their networks. The kind of products shown here seems rather preferable to the previous generation of products that required breaking the encryption. > We will almost certainly see a whole new generation of devices doing > weirdness with TLS and who will drop or manipulate packages that contain > things they don't know (like... a version negotiation field with TLS > 1.4 or a large post quantum key exchange message). That's the general problem with machine learning. The attackers will be learning too, and will try to tweak their traffic until it looks innocuous. As attackers do that, filters will try to catch them, and the chances for "false positive" are going to increase. > The question I want to ask: What can we do *now* to stop this from > happening when TLS 1.4 will be deployed? I have the feeling GREASE > won't be enough... Data sets. Machine learning algorithms are trained with data sets. If we produce reference data sets showing what TLS 1.4 looks like, the vendors can retrain their AI and start recognizing the new version for what it is, rather than some unknown attack. -- Christian Huitema
- [TLS] The future devices that will break TLS 1.4 Hanno Böck
- Re: [TLS] The future devices that will break TLS … Dan Wing
- Re: [TLS] The future devices that will break TLS … Hanno Böck
- Re: [TLS] The future devices that will break TLS … Yuhong Bao
- Re: [TLS] The future devices that will break TLS … Yuhong Bao
- Re: [TLS] The future devices that will break TLS … Christian Huitema
- Re: [TLS] The future devices that will break TLS … Tony Arcieri
- Re: [TLS] The future devices that will break TLS … Martin Thomson
- Re: [TLS] The future devices that will break TLS … Hubert Kario