Re: [dns-privacy] draft-mayrhofer-edns0-padding

2015-07-23 Thread Daniel Kahn Gillmor 
On Thu 2015-07-23 18:50:14 +0200, Alexander Mayrhofer wrote:

 I had a discussion with Daniel Khan Gillmor today, and we talked about
 his proposal to specify a padding option in TLS so that message-size
 based correlation attacks on encrypted DNS packets could be
 prevented. We continued discussing other options (such as artificial
 RRs in the additional section), and I floated the idea that we could
 use EDNS0 to include padding in DNS packets.

 So, I've created a quick-and-dirty strawman proposal draft for this
 idea, and i'm happy to discuss this during tomorrow's DPRIVE session
 if we have time:

 https://www.ietf.org/id/draft-mayrhofer-edns0-padding-00.txt

wow, thanks for the incredibly quick writeup!

I think this draft could have an informative reference to Haya Shulman's
research on difficulties in DNS encryption, which won the recent ANRP:

  https://irtf.org/anrp
  https://www.ietf.org/mail-archive/web/dns-privacy/current/pdfWqAIUmEl47.pdf

Section 3.2.2 shows that her mechanism for inferring the contents of
queries becomes *even more effective* by including the size of the
packets in her analysis.  (Everyone working on dprive should read this
paper to get a sense of some of the massive difficulties we need to
consider because of the structure of DNS traffic analysis; just
encrypting the traffic is insufficient for several reasons)

I also note that draft-mayrhofer-edns0-padding curently suggests that
the minimum padding size is 1 octet.  Is there any reason to avoid a
padding size of 0? 

--dkg

___
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy

Re: [dns-privacy] draft-mayrhofer-edns0-padding

2015-07-23 Thread Mark Andrews 

This can be dropped.  EDNS aware clients are required to ignore unknown EDNS 
options.

   A server MUST use the 'Padding' option in a DNS response (QR=1) only
   when that response correlates to a query that contained the 'Padding'
   option.

For QUERY I would be padding the request out to 400 octets.  This allows for
all legal query names (max question size is 255+2+2 octets), some EDNS options
and the pad option.

Mark

In message 87a8umihra@alice.fifthhorseman.net, Daniel Kahn Gillmor writes:
 On Thu 2015-07-23 18:50:14 +0200, Alexander Mayrhofer wrote:
 
  I had a discussion with Daniel Khan Gillmor today, and we talked about
  his proposal to specify a padding option in TLS so that message-size
  based correlation attacks on encrypted DNS packets could be
  prevented. We continued discussing other options (such as artificial
  RRs in the additional section), and I floated the idea that we could
  use EDNS0 to include padding in DNS packets.
 
  So, I've created a quick-and-dirty strawman proposal draft for this
  idea, and i'm happy to discuss this during tomorrow's DPRIVE session
  if we have time:
 
  https://www.ietf.org/id/draft-mayrhofer-edns0-padding-00.txt
 
 wow, thanks for the incredibly quick writeup!
 
 I think this draft could have an informative reference to Haya Shulman's
 research on difficulties in DNS encryption, which won the recent ANRP:
 
   https://irtf.org/anrp
   https://www.ietf.org/mail-archive/web/dns-privacy/current/pdfWqAIUmEl47.pdf
 
 Section 3.2.2 shows that her mechanism for inferring the contents of
 queries becomes *even more effective* by including the size of the
 packets in her analysis.  (Everyone working on dprive should read this
 paper to get a sense of some of the massive difficulties we need to
 consider because of the structure of DNS traffic analysis; just
 encrypting the traffic is insufficient for several reasons)
 
 I also note that draft-mayrhofer-edns0-padding curently suggests that
 the minimum padding size is 1 octet.  Is there any reason to avoid a
 padding size of 0? 
 
 --dkg
 
 ___
 dns-privacy mailing list
 dns-privacy@ietf.org
 https://www.ietf.org/mailman/listinfo/dns-privacy
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org

___
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy