Re: [TLS] About encrypting SNI - Traffic Analysis Attacks?

Martin Thomson <martin.thomson@gmail.com> Wed, 14 May 2014 16:52 UTC

In-Reply-To: <20140514022007.5C7FD1AD07@ld9781.wdf.sap.corp>
References: <53728B78.30306@cs.tcd.ie> <20140514022007.5C7FD1AD07@ld9781.wdf.sap.corp>
Date: Wed, 14 May 2014 09:52:03 -0700
Message-ID: <CABkgnnW583ezwrrc9PkUW4vHCO8JiqSFkrfRitQJyD_5ShcP2A@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: mrex@sap.com
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/n7IMzPZCTskAkjUjwE_xGRr-YQY
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] About encrypting SNI - Traffic Analysis Attacks?

On 13 May 2014 19:20, Martin Rex <mrex@sap.com> wrote:
> When SNI is used for routing, then it MUST be present
> on the initial ClientHello on every new connection, or routing
> (to other than the default credential) will be impossible.

I think that this is a little too strong as a statement.

If routing requires a round trip between the router and the client,
that still enables routing, albeit at a higher cost.
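The exchange above turns on what a front-end router can see in the plaintext ClientHello before any keys exist. The following is an added illustration, not code from the thread or from any IETF participant: it constructs a minimal TLS 1.2 ClientHello (constructed test input, not a capture), parses the server_name extension exactly as RFC 6066 lays it out, and shows the routing decision a front end would make. When the name is present the connection is routed to a matching backend; when it is absent the router can only fall back to the default credential, which is the failure mode Martin Rex describes. The backend names and the `route` helper are hypothetical. Note that the same bytes `extract_sni` reads are visible to any on-path observer, which is the traffic-analysis concern in the subject line; the extra round trip discussed above is not modelled here.

```python
import struct

RECORD_HANDSHAKE = 0x16
HANDSHAKE_CLIENT_HELLO = 0x01
SNI_EXTENSION_TYPE = 0x0000      # server_name, RFC 6066 section 3
SNI_NAME_TYPE_HOST = 0x00


def build_client_hello(server_name=None):
    """Build a minimal TLS 1.2 ClientHello inside one TLS record.

    Constructed test input (zero random, one cipher suite, null compression);
    if server_name is None the SNI extension is omitted entirely.
    """
    body = b"\x03\x03" + b"\x00" * 32            # client_version, random
    body += b"\x00"                              # empty session_id
    body += b"\x00\x02" + b"\xc0\x2f"            # one cipher suite
    body += b"\x01\x00"                          # compression: null only
    extensions = b""
    if server_name is not None:
        name = server_name.encode("ascii")
        entry = bytes([SNI_NAME_TYPE_HOST]) + struct.pack("!H", len(name)) + name
        sni_list = struct.pack("!H", len(entry)) + entry
        extensions += struct.pack("!HH", SNI_EXTENSION_TYPE, len(sni_list)) + sni_list
    body += struct.pack("!H", len(extensions)) + extensions
    handshake = bytes([HANDSHAKE_CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([RECORD_HANDSHAKE, 0x03, 0x01]) + struct.pack("!H", len(handshake)) + handshake


def extract_sni(record):
    """Return the host_name carried in the ClientHello's SNI extension, or None.

    Reads only the plaintext bytes a router (or any on-path observer) sees.
    Assumes the whole ClientHello fits in the first record; a handshake that
    spans records is reported as truncated rather than guessed at.
    """
    try:
        if len(record) < 5 or record[0] != RECORD_HANDSHAKE:
            raise ValueError("not a TLS handshake record")
        rec_len = struct.unpack("!H", record[3:5])[0]
        hs = record[5:5 + rec_len]
        if len(hs) < rec_len:
            raise ValueError("truncated record")
        if hs[0] != HANDSHAKE_CLIENT_HELLO:
            raise ValueError("not a ClientHello")
        hs_len = int.from_bytes(hs[1:4], "big")
        body = hs[4:4 + hs_len]
        if len(body) < hs_len:
            raise ValueError("truncated ClientHello")

        pos = 2 + 32                                   # client_version + random
        pos += 1 + body[pos]                           # session_id
        cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2 + cs_len                              # cipher_suites
        pos += 1 + body[pos]                           # compression_methods
        if pos == len(body):
            return None                                # no extensions block at all
        ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        end = pos + ext_len
        if end > len(body):
            raise ValueError("extensions overrun ClientHello")

        while pos + 4 <= end:
            ext_type, ext_size = struct.unpack("!HH", body[pos:pos + 4])
            pos += 4
            data = body[pos:pos + ext_size]
            pos += ext_size
            if len(data) < ext_size:
                raise ValueError("extension overrun")
            if ext_type != SNI_EXTENSION_TYPE:
                continue
            list_len = struct.unpack("!H", data[0:2])[0]
            q = 2
            while q + 3 <= 2 + list_len:
                name_type = data[q]
                name_len = struct.unpack("!H", data[q + 1:q + 3])[0]
                name = data[q + 3:q + 3 + name_len]
                q += 3 + name_len
                if name_type == SNI_NAME_TYPE_HOST:
                    return name.decode("ascii")
        return None
    except (IndexError, struct.error) as exc:
        raise ValueError("malformed ClientHello") from exc


def route(record, backends, default="default-credential"):
    """Hypothetical front-end decision: pick a backend by SNI, else the default.

    Without SNI on the initial ClientHello there is nothing to route on, so
    the connection lands on whatever the default credential serves.
    """
    name = extract_sni(record)
    if name is None:
        return default
    return backends.get(name, default)


if __name__ == "__main__":
    backends = {"example.com": "backend-a", "example.net": "backend-b"}
    print(route(build_client_hello("example.com"), backends))   # backend-a
    print(route(build_client_hello(None), backends))            # default-credential
```

The parser deliberately refuses to guess on truncated input: a router that routed on a partial ClientHello could be steered by an attacker who controls record framing, so "no SNI yet" and "SNI absent" should not be conflated.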