[Whonix-devel] RFC 6528 revision for better system privacy
bancfc at openmailbox.org
bancfc at openmailbox.org
Fri Jan 13 02:49:37 CET 2017
Hi Steven and Fernando,
I am a Whonix (anonymity OS) dev and would like to discuss the RFC 6528
[0] you worked on. There has been privacy research in the area of timer
and clock leaks in network protocols that can aid adversaries in
deanonymizing Tor clients and hidden services. There is a practical
attack where an adversary can skew timer measurements by overloading
target machines and affect the oscillation of timer crystals in
predictable patterns that can be remotely measured in TCP sequence
numbers.[1]
Please consider revising the RFC to omit the requirement of xoring timer
output with TCP ISNs. Recently the Linux kernel gained the SipHash PRF
to generate better sequence numbers and deprecated MD5. This further
reduces the necessity of including timer input which has become a side
channel that aids traffic correlation and endangers privacy focused use
cases.
***
[0] https://tools.ietf.org/html/rfc6528
[1] http://sec.cs.ucl.ac.uk/users/smurdoch/papers/ccs06hotornot.pdf
[2] http://sec.cs.ucl.ac.uk/users/smurdoch/papers/ih05coverttcp.pdf
More information about the Whonix-devel
mailing list