Address relay traffic analysis #146

Merged
merged 5 commits into from
Aug 2, 2022
27 changes: 17 additions & 10 deletions draft-ietf-ohai-ohttp.md
Expand Up @@ -1082,14 +1082,15 @@ Servers that enter into an agreement with a relay that enables a higher request
rate might choose to authenticate the relay to enable the higher rate.


### Linkability Through Traffic Analysis {#ta}
### Traffic Analysis {#ta}

This document assumes that all communication between different entities is
protected by HTTPS. This protects information about which resources are the
subject of request and prevents a network observer from being able to trivially
correlate messages on either side of a relay.
This document assumes that all communication between different Oblivious Client,
Oblivious Relay Resource, and Oblivious Gateway Resource is protected by HTTPS. This protects information about which
resources are the subject of request and prevents a network observer from being
able to trivially correlate messages on either side of a relay. However, it does
not mitigate traffic analysis by such network observers.

As the time at which Encapsulated Request or response messages are sent can
The time at which Encapsulated Request or response messages are sent can
reveal information to a network observer. Though messages exchanged between the
Oblivious Relay Resource and the Oblivious Gateway Resource might be sent in a
single connection, traffic analysis could be used to match messages that are
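Review bot: "between different Oblivious Client, Oblivious Relay Resource, and Oblivious Gateway Resource" in the new first paragraph is ungrammatical; since the three entities are now named explicitly, drop "different" and use articles, e.g. "between the Oblivious Client, the Oblivious Relay Resource, and the Oblivious Gateway Resource". Two smaller points in the same paragraph: "subject of request" (carried over from the old text) should read "subject of a request", and the second added line runs well past the wrap width used by the rest of the file, so reflow the paragraph. The rewrite of "As the time at which ..." to "The time at which ..." is a good fix, as the old sentence had no main clause.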
Expand All @@ -1100,13 +1101,19 @@ anonymity set into which each message is attributed. This could latency to the
overall time clients take to receive a response, which might not be what some
clients want.

A relay can use padding to reduce the effectiveness of traffic analysis.
Padding is a capability provided by binary HTTP messages; see {{Section 3.8 of
BINARY}}.

A relay that forwards large volumes of exchanges can provide better privacy by
providing larger sets of messages that need to be matched.

Traffic analysis is not restricted to network observers. A malicious Oblivious Relay Resource could
use traffic analysis to learn information about otherwise encrypted requests
and responses relayed between clients and gateways. An Oblivious Relay Resource terminates
TLS connections from clients, so they see message boundaries. This privileged
position allows for richer feature extraction from encrypted data, which might
improve traffic analysis.

Clients can use padding to reduce the effectiveness of traffic analysis.
Padding is a capability provided by binary HTTP messages; see {{Section 3.8 of
BINARY}}.

## Server Responsibilities

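Review bot: Pronoun agreement in the new malicious-relay paragraph: "An Oblivious Relay Resource terminates TLS connections from clients, so they see message boundaries" mixes singular and plural; use "so it sees message boundaries". The first line of that paragraph also exceeds the file's wrap width. Since the change moves the padding recommendation from the relay to clients, consider saying who pads responses, as the preceding text discusses timing of both Encapsulated Request and response messages and a client can only pad what it sends. Finally, the unchanged context line "This could latency to the overall time clients take" is missing a verb ("This could add latency"); worth fixing while this section is being edited.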