-
Challenges in Adapting ECH in TLS for Privacy Enhancement over the Internet
Authors:
Vinod S. Khandkar,
Manjesh K. Hanawal,
Sameer G Kulkarni
Abstract:
Security and Privacy are crucial in modern Internet services. Transport Layer Security (TLS) has largely addressed the issue of security. However, information about the type of service being accessed goes in plain-text in the initial handshakes of vanilla TLS, thus potentially revealing the activity of users and compromising privacy. The ``Encrypted ClientHello'' or ECH overcomes this issue by ext…
▽ More
Security and Privacy are crucial in modern Internet services. Transport Layer Security (TLS) has largely addressed the issue of security. However, information about the type of service being accessed goes in plain-text in the initial handshakes of vanilla TLS, thus potentially revealing the activity of users and compromising privacy. The ``Encrypted ClientHello'' or ECH overcomes this issue by extending TLS 1.3 where all of the information that can potentially reveal the service type is masked, thus addressing the privacy issues in TLS 1.3. However, we notice that Internet services tend to use different versions of TLS for application data (primary connection/channel) and supporting data (side channels) such as scheduling information \textit{etc.}. %, during the active session. Although many internet services have migrated to TLS 1.3, we notice that it is only true for the primary connections which do benefit from TLS 1.3, while the side-channels continue to use lower version of TLS (e.g., 1.2) %which do not support ECH and continue to leak type of service accessed. We demonstrate that privacy information leaked from the side-channels can be used to affect the performance on the primary channels, like blocking or throttling specific service on the internet. Our work demonstrates that adapting ECH on primary channels alone is not sufficient to prevent the privacy leaks and attacks on primary channels. Further, we demonstrate that it is necessary for all of the associated side-channels also to migrate to TLS 1.3 and adapt ECH extension in order to offer complete privacy preservatio
△ Less
Submitted 5 July, 2022;
originally announced July 2022.
-
FairNet: A Measurement Framework for Traffic Discrimination Detection on the Internet
Authors:
Vinod S. Khandkar,
Manjesh K. Hanawal
Abstract:
Network neutrality is related to the non-discriminatory treatment of packets on the Internet. Any deliberate discrimination of traffic of one application while favoring others violates the principle of neutrality. Many countries have enforced laws against such discrimination. To enforce such laws, one requires tools to detect any net neutrality violations. However, detecting such violations is cha…
▽ More
Network neutrality is related to the non-discriminatory treatment of packets on the Internet. Any deliberate discrimination of traffic of one application while favoring others violates the principle of neutrality. Many countries have enforced laws against such discrimination. To enforce such laws, one requires tools to detect any net neutrality violations. However, detecting such violations is challenging as it is hard to separate any degradation in quality due to natural network effects and selective degradation. Also, legitimate traffic management and deliberate discrimination methods can be technically the same, making it further challenging to distinguish them.
We developed an end-to-end measurement framework named FairNet to detect discrimination of traffic. It compares the performance of similar services. Our focus is on HTTPS streaming services which constitute a predominant portion of the Internet traffic. The effect of confounding factors (congestion, traffic management policy, dynamic rate adaptation) is made `similar' on the test services to ensure a fair comparison. FairNet framework uses a ``replay server'' and user-client that exchanges correctly identifiable traffic streams over the Internet. The Server Name Indication (SNI) field in the TLS handshake, which goes in plaintext, ensures that the traffic from the replay server appears to network middle-boxes as that coming from its actual server. We validated that appropriate SNIs results in the correct classification of services using a commercial traffic shaper. FairNet uses two novel algorithms based on application-level throughput and connection status to detect traffic discrimination. We also validated the methodology's effectiveness by collecting network logs through mobile apps over the live Internet and analyzing them.
△ Less
Submitted 20 October, 2021;
originally announced October 2021.
-
Challenges in Net Neutrality Violation Detection: A Case Study of Wehe Tool and Improvements
Authors:
Vinod S. Khandkar,
Manjesh K. Hanawal
Abstract:
We consider the problem of detecting deliberate traffic discrimination on the Internet. Given the complex nature of the Internet, detection of deliberate discrimination is not easy to detect, and tools developed so far suffer from various limitations. We study challenges in detecting the violations (focusing on the HTTPS traffic) and discuss possible mitigation approaches. We focus on `Wehe,' the…
▽ More
We consider the problem of detecting deliberate traffic discrimination on the Internet. Given the complex nature of the Internet, detection of deliberate discrimination is not easy to detect, and tools developed so far suffer from various limitations. We study challenges in detecting the violations (focusing on the HTTPS traffic) and discuss possible mitigation approaches. We focus on `Wehe,' the most recent tool developed to detect net-neutrality violations. Wehe hosts traffic from all services of interest in a common server and replays them to mimic the behavior of the traffic from original servers. Despite Wehe's vast utility and possible influences over policy decisions, its mechanisms are not yet validated by others. In this work, we highlight critical weaknesses in Wehe where its replay traffic is not being correctly classified as intended services by the network middleboxes. We validate this observation using a commercial traffic shaper. We propose a new method in which the SNI parameter is set appropriately in the initial TLS handshake to overcome this weakness. Using commercial traffic shapers, we validate that SNI makes the replay traffic gets correctly classified as the intended traffic by the middleboxes. Our new approach thus provides a more realistic method for detecting neutrality violations of HTTPS traffic.
△ Less
Submitted 24 October, 2021; v1 submitted 12 January, 2021;
originally announced February 2021.
-
Masking Host Identity on Internet: Encrypted TLS/SSL Handshake
Authors:
Vinod S. Khandkar,
Manjesh K. Hanawal
Abstract:
Network middle-boxes often classify the traffic flows on the Internet to perform traffic management or discriminate one traffic against the other. As the widespread adoption of HTTPS protocol has made it difficult to classify the traffic looking into the content field, one of the fields the middle-boxes look for is Server Name Indicator (SNI), which goes in plain text. SNI field contains informati…
▽ More
Network middle-boxes often classify the traffic flows on the Internet to perform traffic management or discriminate one traffic against the other. As the widespread adoption of HTTPS protocol has made it difficult to classify the traffic looking into the content field, one of the fields the middle-boxes look for is Server Name Indicator (SNI), which goes in plain text. SNI field contains information about the host and can, in turn, reveal the type of traffic. This paper presents a method to mask the server host identity by encrypting the SNI. We develop a simple method that completes the SSL/TLS connection establishment over two handshakes - the first handshake establishes a secure channel without sharing SNI information, and the second handshake shares the encrypted SNI. Our method makes it mandatory for fronting servers to always accept the handshake request without the SNI and respond with a valid SSL certificate.
As there is no modification in already proven SSL/TLS encryption mechanism and processing of handshake messages, the new method enjoys all security benefits of existing secure channel establishment and needs no modification in existing routers/middle-boxes. Using customized client-server over the live Internet, we demonstrate the feasibility of our method. Moreover, the impact analysis shows that the method adheres to almost all SSL/TLS related Internet standards requirements.
△ Less
Submitted 12 January, 2021;
originally announced January 2021.