[TLS] Privacy considerations - identity hiding from eavesdropping in (D)TLS

"Viktor S. Wold Eide" <viktor.s.wold.eide@gmail.com> Mon, 24 August 2015 20:57 UTC

From: "Viktor S. Wold Eide" <viktor.s.wold.eide@gmail.com>
Date: Mon, 24 Aug 2015 22:56:53 +0200
Message-ID: <CAL6x8mchyh2Qpqcd5Rv-rXgZ+1_CAbV7vkib+-yU4DEDFx82Yg@mail.gmail.com>
To: TLS@ietf.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/D1eMxYkWiDtztfEBU8pZEW-T5Tk>
Subject: [TLS] Privacy considerations - identity hiding from eavesdropping in (D)TLS


I am looking for a way to achieve identity hiding for DTLS 1.2, which also
hopefully can be used in (D)TLS 1.3, when available.

From what I understand, for (D)TLS 1.2 it would be possible to perform an
anonymous unencrypted handshake and then to renegotiate the connection with
authentication within the encrypted channel, e.g., according to the expired
draft [1]. From the latest TLS 1.3 draft [2] it appears that renegotiation
will be removed in the upcoming 1.3 version.

What is likely to be the recommended way to achieve identity hiding for
(D)TLS 1.3, if any?

[1] Transport Layer Security (TLS) Encrypted Handshake Extension,
draft-ray-tls-encrypted-handshake-00, expired in 2012
[2] The Transport Layer Security (TLS) Protocol Version 1.3,

Best regards
Viktor S. Wold Eide
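What a passive on-path observer can and cannot read in the flows this message describes, as an added Python illustration that is not part of the original post or of any IETF draft. It builds TLS record and handshake framing per RFC 5246 for three server-side flights: a TLS 1.2 handshake that authenticates from the start, the anonymous-then-renegotiate approach the post proposes, and, for comparison, the shape the published TLS 1.3 (RFC 8446) eventually adopted, where the Certificate message is sent under handshake keys inside records whose outer content type is application_data. The certificate bytes, the key, the cipher-suite choices and the "encryption" (a SHA-256 counter-mode XOR stand-in for the record-layer AEAD) are constructed placeholders, and the observer logic assumes it is watching a single direction of the connection.

```python
"""Eavesdropper's view of where the Certificate message travels.

Record and handshake framing follow RFC 5246; certificate contents, the
key and toy_encrypt() are constructed stand-ins (not real DER, not a real
cipher). Added example, not code from the original post.
"""
import hashlib
import struct

CONTENT_CHANGE_CIPHER_SPEC = 20
CONTENT_HANDSHAKE = 22
CONTENT_APPLICATION_DATA = 23
HS_SERVER_HELLO = 2
HS_CERTIFICATE = 11

# Constructed placeholders, not real certificates.
SERVER_CERT = b"--constructed placeholder DER for the server--"


def record(content_type, body, version=b"\x03\x03"):
    """TLSPlaintext: type(1) version(2) length(2) fragment."""
    return bytes([content_type]) + version + struct.pack("!H", len(body)) + body


def handshake(msg_type, body):
    """Handshake: msg_type(1) length(3) body."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def server_hello(cipher_suite):
    # version(2) random(32) session_id_len(1) cipher_suite(2) compression(1)
    return handshake(HS_SERVER_HELLO, b"\x03\x03" + bytes(32) + b"\x00" + cipher_suite + b"\x00")


def certificate_message(certs):
    entries = b"".join(len(c).to_bytes(3, "big") + c for c in certs)
    return handshake(HS_CERTIFICATE, len(entries).to_bytes(3, "big") + entries)


def toy_encrypt(key, data):
    """SHA-256 counter-mode XOR: symmetric, only here to make bytes opaque."""
    out = bytearray()
    for i in range(0, len(data), 32):
        keystream = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], keystream))
    return bytes(out)


def iter_records(stream):
    off = 0
    while off < len(stream):
        ctype, _version, length = struct.unpack("!B2sH", stream[off:off + 5])
        off += 5
        yield ctype, stream[off:off + length]
        off += length


def iter_handshake_messages(payload):
    off = 0
    while off < len(payload):
        mtype = payload[off]
        length = int.from_bytes(payload[off + 1:off + 4], "big")
        off += 4
        yield mtype, payload[off:off + length]
        off += length


def parse_certificate_list(body):
    total = int.from_bytes(body[:3], "big")
    certs, off = [], 3
    while off < 3 + total:
        clen = int.from_bytes(body[off:off + 3], "big")
        certs.append(body[off + 3:off + 3 + clen])
        off += 3 + clen
    return certs


def certs_visible_to_eavesdropper(stream):
    """Certificates an observer without keys can read verbatim (one direction)."""
    seen, encrypted = [], False
    for ctype, payload in iter_records(stream):
        if ctype == CONTENT_CHANGE_CIPHER_SPEC:
            encrypted = True  # TLS 1.2: later records in this direction are under the record keys
            continue
        if ctype != CONTENT_HANDSHAKE or encrypted:
            continue  # application_data, or encrypted handshake records: opaque
        for mtype, body in iter_handshake_messages(payload):
            if mtype == HS_CERTIFICATE:
                seen.extend(parse_certificate_list(body))
    return seen


def tls12_authenticated_first():
    # Ordinary TLS 1.2 (ECDHE-RSA suite): Certificate precedes any key material.
    return (record(CONTENT_HANDSHAKE, server_hello(b"\xc0\x2f"))
            + record(CONTENT_HANDSHAKE, certificate_message([SERVER_CERT])))


def tls12_anon_then_renegotiate(key):
    # Anonymous first handshake (DH_anon suite, no Certificate), ChangeCipherSpec,
    # then the authenticated renegotiation: still content type handshake, but encrypted.
    first = record(CONTENT_HANDSHAKE, server_hello(b"\x00\x34"))
    first += record(CONTENT_CHANGE_CIPHER_SPEC, b"\x01")
    reneg = certificate_message([SERVER_CERT])
    return first + record(CONTENT_HANDSHAKE, toy_encrypt(key, reneg))


def tls13_style(key):
    # RFC 8446 shape: ServerHello in the clear, Certificate under handshake keys
    # with outer content type application_data.
    return (record(CONTENT_HANDSHAKE, server_hello(b"\x13\x01"))
            + record(CONTENT_APPLICATION_DATA, toy_encrypt(key, certificate_message([SERVER_CERT]))))


if __name__ == "__main__":
    for name, flight in [("TLS 1.2, auth first", tls12_authenticated_first()),
                         ("TLS 1.2, anon + reneg", tls12_anon_then_renegotiate(b"k")),
                         ("TLS 1.3 style", tls13_style(b"k"))]:
        print(name, "->", certs_visible_to_eavesdropper(flight))
```

Only the first flight leaks the certificate to the observer; the renegotiation flight hides it because every record after ChangeCipherSpec is under the first session's keys, which is the property the post wants and which TLS 1.3 later provided directly by encrypting the Certificate under handshake traffic keys. Note that a single-direction observer is an assumption of this toy; a real passive capture sees both directions and, in TLS 1.2, also sees the unencrypted first ServerHello and the DH_anon key exchange, which protects only against passive eavesdropping, not an active man-in-the-middle on the anonymous first handshake.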