Re: [TLS] Possible blocking of Encrypted SNI extension in China

David Fifield <david@bamsoftware.com> Tue, 11 August 2020 21:31 UTC

Date: Tue, 11 Aug 2020 15:31:26 -0600
From: David Fifield <david@bamsoftware.com>
To: tls@ietf.org
Message-ID: <20200811213126.q57jondj2pdwoxjr@bamsoftware.com>
Mail-Followup-To: tls@ietf.org
References: <1597030308337.61220@cs.auckland.ac.nz> <67d52e25-71ed-4584-b2c3-6a71a6bdd346@www.fastmail.com> <1597119980162.55300@cs.auckland.ac.nz> <b32110f8-c9ba-e8db-f136-7cc60eba54e4@huitema.net> <1597123970590.77611@cs.auckland.ac.nz> <CAChr6SzzuyB7sxXJQ4gNJwa3iaQcC5jGPE3-sgfY_EkB7DoykA@mail.gmail.com> <1597125488037.97447@cs.auckland.ac.nz> <CAChr6SxLAJyweEDHL48-hT3X=d5E6jNrWZheOt+fSydpS=HhQw@mail.gmail.com> <c7e033d9-aa39-1293-2233-4ebb8d1502dc@huitema.net> <44efe45d-fb2f-8db6-f127-97de460b6453@huitema.net>
In-Reply-To: <44efe45d-fb2f-8db6-f127-97de460b6453@huitema.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/i5dk5w6a4CtmfhjBdS9sdhEIj8Q>
Subject: Re: [TLS] Possible blocking of Encrypted SNI extension in China

On Tue, Aug 11, 2020 at 12:08:11AM -0700, Christian Huitema wrote:
> There is also the question of what the anonymity set is. I just did a little
> experiment of resolving 25000 domain names and looking at how many resolved to
> the same IP address
> (https://huitema.wordpress.com/2020/08/09/can-internet-services-hide-in-crowds/).
> And then I redid the stats with 50000 domain names. Did not find a lot of
> crowds. 75% of domain names in my sample resolve to their very own address, not
> shared with anybody. Only 8% resolved to addresses shared by 10 sites or more,
> and 1.3% resolved to addresses shared by 100 sites or more. Of course, 1% of
> the Internet is already something big. But still, not quite the whole world...

Here is a related experiment done last year.

"On the Importance of Encrypted-SNI (ESNI) to Censorship Circumvention"
https://censorbib.nymity.ch/#Chai2019a
https://www.usenix.org/conference/foci19/presentation/chai
My capsule summary: https://github.com/net4people/bbs/issues/10

The authors tested an Alexa top 1 million list for blocking from China,
under three different modalities: DNS poisoning, SNI filtering, and IP
address blocking. (The GFW blocked different web sites in different
ways; ESNI is effective against DNS poisoning and SNI filtering but not
IP address blocking.) Of 24,210 domains blocked by either DNS poisoning
or SNI filtering, 16,928 (70%) were additionally blocked by IP address,
so ESNI would not help to unblock them if they remained at their current
hosting. The other 30% of domains would have been unblocked by ESNI.
This analysis, of course, assumes a static situation; if ESNI were
deployed and found to be effective, then blocked sites might choose to
move to shared co-hosting, or the GFW might increase the scope of its IP
address blocking to include addresses with small anonymity sets.

I'll add that it's not just the size of the anonymity set that matters.
The domains that make up the anonymity set, and the cost of blocking
them, matter as well. An anonymity set of 100,000 could still be
blockable if none of the 100,000 is disruptive or costly to block.
(Measure cost however you like: effect on the local economy, for
example.) An anonymity set of size 10 might be hard to block, if just
one of those 10 is one that the would-be blocker greatly cares to
preserve.
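The following is an added worked example and is not part of this email, of Huitema's blog post, or of the Chai et al. paper. It models, on a constructed dataset, the two analyses discussed in the thread: the "crowd" statistic quoted above (share of domains that resolve to their own address versus addresses shared by 10 or 100 or more domains), and the two points made in the reply: how many DNS- or SNI-blocked domains are also IP-blocked (so ESNI alone cannot unblock them), and why an anonymity set's blockability depends on the cost of its most expensive member rather than on its size. The `Site` record, the per-site `cost` score, the IP addresses and all blocking flags are assumptions invented for illustration.

```python
"""Added example (not from the original thread): crowd sizes, ESNI reach, and
cost-weighted anonymity sets over a constructed set of domains."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Site:
    domain: str
    ip: str              # address the domain resolves to (constructed)
    dns_poisoned: bool   # blocked by DNS poisoning
    sni_filtered: bool   # blocked by SNI filtering
    ip_blocked: bool     # blocked by IP address
    cost: float          # assumed cost to the censor of blocking this site's IP, 0..1


def constructed_sample():
    """Constructed dataset of 200 domains; none of these hosts are real."""
    sites = []
    # 100 low-value sites co-hosted on one address: a big crowd, cheap to block wholesale.
    for i in range(100):
        sites.append(Site(f"crowd{i}.example", "203.0.113.10",
                          dns_poisoned=False, sni_filtered=(i < 20),
                          ip_blocked=False, cost=0.01))
    # 10 sites on one address; one of them is assumed to be costly for the censor to lose.
    for i in range(10):
        sites.append(Site(f"shared{i}.example", "203.0.113.20",
                          dns_poisoned=False, sni_filtered=(i < 5),
                          ip_blocked=False, cost=0.9 if i == 0 else 0.05))
    # 90 sites each on their own address; 40 DNS-poisoned, 30 of those also IP-blocked.
    for i in range(90):
        sites.append(Site(f"solo{i}.example", f"198.51.100.{i + 1}",
                          dns_poisoned=(i < 40), sni_filtered=False,
                          ip_blocked=(i < 30), cost=0.02))
    return sites


def anonymity_sets(sites):
    """Map each IP address to the set of domains that resolve to it."""
    sets = defaultdict(set)
    for s in sites:
        sets[s.ip].add(s.domain)
    return dict(sets)


def crowd_shares(sites):
    """Share of domains alone on their address, and in crowds of >=10 and >=100."""
    sets = anonymity_sets(sites)
    sizes = [len(sets[s.ip]) for s in sites]
    n = len(sites)
    return {
        "alone": sum(1 for k in sizes if k == 1) / n,
        ">=10": sum(1 for k in sizes if k >= 10) / n,
        ">=100": sum(1 for k in sizes if k >= 100) / n,
    }


def esni_breakdown(sites):
    """Among domains blocked by DNS poisoning or SNI filtering, split those
    that are also IP-blocked (ESNI would not unblock them at their current
    hosting) from those that ESNI would unblock."""
    candidates = [s for s in sites if s.dns_poisoned or s.sni_filtered]
    also_ip = [s for s in candidates if s.ip_blocked]
    return {
        "dns_or_sni_blocked": len(candidates),
        "also_ip_blocked": len(also_ip),
        "esni_helps": len(candidates) - len(also_ip),
    }


def set_costs(sites):
    """For each IP: (anonymity set size, cost of blocking it). The set's cost
    is its most expensive member's cost, since blocking the IP takes all of
    them down together."""
    by_ip = defaultdict(list)
    for s in sites:
        by_ip[s.ip].append(s)
    return {ip: (len(m), max(x.cost for x in m)) for ip, m in by_ip.items()}


def blockable(sites, max_tolerable_cost):
    """IPs a censor willing to pay at most max_tolerable_cost would block."""
    return sorted(ip for ip, (_, c) in set_costs(sites).items()
                  if c <= max_tolerable_cost)


if __name__ == "__main__":
    data = constructed_sample()
    print("crowd shares:", crowd_shares(data))
    print("ESNI breakdown:", esni_breakdown(data))
    costs = set_costs(data)
    for ip in ("203.0.113.10", "203.0.113.20"):
        size, cost = costs[ip]
        print(f"{ip}: set size {size}, blocking cost {cost}, "
              f"blockable at tolerance 0.1: {ip in blockable(data, 0.1)}")
```

Run as a script it prints the three summaries; the point to notice is that the crowd of 100 cheap sites is blockable at a low cost tolerance while the crowd of 10 is not, because a single valued member raises the cost of the whole set.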