back to article HTTPS is not enough: Boffins fingerprint user environments without cracking crypto

Encryption might hide important content from prying eyes, but a group of Israeli researchers has found that HTTPS traffic alone can fingerprint a user's operating system, browser, and application. With a big enough learning set, they write, they were able to identify users' environments with 96.06 per cent accuracy. In their …

  1. WibbleMe

    Im pro security but if this turns out to be another paid for service there is a limit to how much you can extract from a website owner, remember 98% are small business owners or bloggers.

    In the mean time I will go back to posting a pen and paper out to my website visitors so they can fill in their details securely.

    1. Keith Langmead

      "In the mean time I will go back to posting a pen and paper out to my website visitors so they can fill in their details securely."

      But how will you securely get their addresses to post them the pens and paper? :D

  2. WibbleMe

    Also has anyone though of using something like a DKIM as a fingerprint in the DNS to backup SSL?

    1. Anonymous Coward
      Anonymous Coward

      RE: DKIM for SSL

      While a DNS stored DKIM for SSL might seem like a good thing, a man-in-the-middle attack would just need to spoof the DNS entry, thereby getting complete secure access, maybe even making it easier.

    2. Hans Acker
      Boffin

      DKIM for SSL == DANE

      Yes, someone has. It's called DANE and could probably replace CAs for simple domain-validated CAs.

      See https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities

  3. Mark Simon
    Paris Hilton

    No Brainer … ?

    If you just took a wild guess at what someone was probably using right now, you could probably guess that they were using Windows or possibly iOS, Chrome or possibly Safari, and Facebook or Twitter with not quite 96.06% accuracy. All this without eavesdropping.

    Paris because I said “no brainer”.

    1. Charlie Clark Silver badge

      Re: No Brainer … ?

      I guess the advantage here is the passive nature of an attack. Sitting on a public wifi network, get some data before launching a targeted attack against platform X. But MitM attacks are probably even easier.

      Maybe it's just another argument against using open wifi networks?

  4. Real Ale is Best
    Boffin

    Side channel attacks

    This sort of thing has been known about for a long time.

    For example, you can analyse encrypted chips inside secure tamper proof packages as they perform encryption operations to recover the secure keys inside. To reduce this sort of attack, you have to design the chip to use equal amounts of power for all operations, no matter how simple or complicated.

    In a similar theme, the Germans realised that patterns of encrypted messages could be used to deduce attack plans, and commanded that all outposts send a set number of messages of fixed content per day. As one operator got lazy, and just sent a page of the same character each day, this helped break the enigma cypher, as one flaw in Enigma is that a character is never encoded to itself.

    Both these solutions trade efficiency with security. If you wanted to avoid these attacks, you would have to send a fixed pattern of packets with random data at all times between end points, replacing the random data with real information as needed. This is not terribly efficient, but is more secure.

    Security is always a trade against functionality.

    1. Anonymous Coward
      Anonymous Coward

      Re: Side channel attacks

      So what happens when you have to address BOTH security AND efficiency at the same time? Say a high-security communique in an area or environment where power and/or bandwidth is at a premium?

      1. Real Ale is Best

        Re: Side channel attacks

        So what happens when you have to address BOTH security AND efficiency at the same time? Say a high-security communique in an area or environment where power and/or bandwidth is at a premium?

        You can't. If you are being efficient, you will be giving away information. Your decision is the balance between efficiency and security.

      2. rh587

        Re: Side channel attacks

        So what happens when you have to address BOTH security AND efficiency at the same time? Say a high-security communique in an area or environment where power and/or bandwidth is at a premium?

        Secure. Efficient. Cheap.

        Pick two.

        1. Anonymous Coward
          Anonymous Coward

          Re: Side channel attacks

          "All or nothing. That's your criteria. Now get going."

          Remember. Executives believe in magical thinking AND hold the power to fire you...

        2. Adam 1

          Re: Side channel attacks

          > Secure. Efficient. Cheap

          > Pick two.

          In this case, that doesn't apply. You cannot pick both secure and efficient even if you don't care about cheap.

          The point is that simply knowing that two parties are communicating at a given time does leak some information. You can only counteract this by (at least occasionally) communicating with the other party either nonsensical data (eg randomised bits) or misleading data (eg legitimate looking real message that both sides of the communication know is to be ignored). Either way, that is less efficient than if you only sent bits when you wanted to say something.

          1. Anonymous Coward
            Anonymous Coward

            Re: Side channel attacks

            Or by sending a one-way communique such as to a forum or ad so that no one knows the recipient. Everyone can see, but only the recipient can normally make sense of it (of course, an aware SigInt agent could be able to detect it, too, that's the risk).

        3. ecofeco Silver badge

          Re: Side channel attacks

          Exactly rh587.

    2. Version 1.0 Silver badge

      Re: Side channel attacks

      Exactly - this is only "news" to people who don't learn from history.

      1. Michael Wojcik Silver badge

        Re: Side channel attacks

        this is only "news" to people who don't learn from history

        Or to people who understand that academic research can be interesting even if it's not startling.

        Don't let me interrupt your middlebrow dismissal of things you don't understand, though.

    3. Wim Ton

      Re: Side channel attacks

      This was also called "Traffic Analysis".

    4. Michael Wojcik Silver badge

      Re: Side channel attacks

      Traffic analysis isn't usually described as a side channel in the IT security industry, though of course it is one, broadly speaking.

      There's a difference between what we might call "first-order" side channels that leak information directly from cryptographic operations, and traffic analysis and other "second-order" channels that leak information about what the entity using the protected data is doing. That difference is largely conceptual, but it does affect what aspects of the system can be compromised.

      Traffic analysis, which dates back to antiquity in some forms and is practiced informally in ordinary human interactions, is also much older than side-channel attacks on computation and other machine processes.

      Your observation that side-channel information leakage and efficiency are opposed is broadly correct, and arises as a consequence of information thermodynamics. There are some areas where the two can be increased together, such as reversible computing, which can1 reduce both power consumption and the detectable loss of information to the system's environment. On the whole, though, the ultimate defense against side channels is whitening, which means leaking more information, and thus power, than is necessary simply to perform the computation.

      For traffic analysis, whitening generally involves generating extra traffic (see e.g. Rivest's "chaffing and winnowing" protocol, which was originally developed to bypass restrictions on encryption but could also be deployed for this purpose).

      1In theory, and according to some experiments in practice, though the effect is not large enough to be economically interesting at this time.

  5. gollux

    One of those...

    This is a "no shit" type of finding. Yes, there is metadata that is used in the establishing of connections and outside of the encrypted connection that can be statistically and directly analyzed to identify the two stations exchanging information. We've known this all along unless we were hiding under a rock.

  6. choleric
    Holmes

    news angle?

    Nmap has been able to make highly educated estimates about platform, version and software stack for decades from simple network scans. The same logic has presumably also been applicable to network streams (except more accurately because there is far more data in a Facebook session than in a few pings) captured legitimately or nefariously. Surely the https info cannot be news?

    If they could work out the information about endpoints when examining only encrypted VPN traffic I would be more impressed.

  7. Anonymous Coward
    Anonymous Coward

    Who cares?

    The version of OS you are running is not exactly something you can keep secret anyway, due to differences in how the TCP/IP stacks work, not to mention more obviously information leaks.

    If someone wants to attack you, the only reason knowing your OS matters is to choose which attack to use instead of simply trying all the popular ones (or just the one they are hoping to compromise) It isn't like they're paying for bandwidth, what do they care if they try a Windows attack on iOS?

  8. allthecoolshortnamesweretaken

    Right. I've just sent a memo to management to the effect that in order to obscure our metadata we should increase our data traffic. I suggested constantly downloading huge amounts of graphics and video files from all over the world.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like