Re: [TLS] draft-green-tls-static-dh-in-tls13-01

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 11 July 2017 19:15 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0DC4E131774 for <tls@ietfa.amsl.com>; Tue, 11 Jul 2017 12:15:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.302
X-Spam-Level:
X-Spam-Status: No, score=-4.302 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6vE8miPzN3LP for <tls@ietfa.amsl.com>; Tue, 11 Jul 2017 12:15:44 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 30FEC128C81 for <tls@ietf.org>; Tue, 11 Jul 2017 12:15:44 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 5A322BF27; Tue, 11 Jul 2017 20:15:42 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SPOfVCAkIy6u; Tue, 11 Jul 2017 20:15:41 +0100 (IST)
Received: from [10.244.2.100] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 05623BF25; Tue, 11 Jul 2017 20:15:41 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1499800541; bh=pJuKtjHeK9wn5C4mK1JDcOzEze3d7s8+4YFBZiVr+T8=; h=Subject:To:References:From:Date:In-Reply-To:From; b=wyGusmjRTIwSDmyvmg8q5nVLSZjCApcpKjKVbflCsnz2HHN5PNwv75HvdlH3oyNza PHYxx51yZkr6+L3Y9R/Xc0QDV4oyojpN60yUP0M8sjZ5xm89fxr7h7Fdc1yt7i4OA3 mNCNsulsyX3W7tC6V6SUbWcFQBSOzUKhgHylouNI=
To: Steve Fenter <steven.fenter58@gmail.com>, "tls@ietf.org" <tls@ietf.org>
References: <D7648213-261E-4A26-BD6A-A5CB7F036D2C@gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <e0f078a7-5ef7-7cd2-8e88-dceea13638e7@cs.tcd.ie>
Date: Tue, 11 Jul 2017 20:15:40 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1
MIME-Version: 1.0
In-Reply-To: <D7648213-261E-4A26-BD6A-A5CB7F036D2C@gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="8uveDEt4iiGh85v9iB7Ux5xQ9LlS0N5mH"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/r1xUSDl7EmdlNwkw6Fq6mvWm6bU>
Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jul 2017 19:15:46 -0000

To add to Ted's clarification requests:

On 11/07/17 19:39, Steve Fenter wrote:
> Network security monitoring is not just monitoring traffic that
> results from communications with customers and partners.  All it
> takes is for one user to click on a phishing email and there is
> malware inside the enterprise.  Once this happens, TLS becomes the
> enemy, because 30% of malware is TLS encrypted, and any TLS features
> intended to thwart payload inspection work against the enterprise.

I'd appreciate a citation for that 30% figure.

And if you had one an estimate for how much malware does it's own
obfuscation or home-grown crypto in addition or instead of using TLS.
The reason to ask is that as soon as malware does that then you
are back to analysis based on ciphertext only. From descriptions
of advanced attack schemes, they do seem to do both when calling
home or exfiltrating data. In which case I think your argument
falls.

> Malware does not always phone home out to the Internet on day 1 of
> infection.  

In what circumstance will malware phone home to a TLS server that
is playing your wiretap game? That seems utterly illogical but
maybe I'm missing a reason why someone's malware will use TLS to
talk to a server that is controlled by the victim network as part
of phoning home. Please clarify.

S.