
Tracking users with core Internet protocols

Formal Metadata

Title
Tracking users with core Internet protocols
Subtitle
Enhancing privacy and performance the Internet
Title of Series
Number of Parts
561
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Content Metadata

Abstract
TLS 1.3, QUIC, and TCP are among the most important and most widely used protocols on the Internet. We will point out how these protocols can be used to track users beyond what is commonly known to be possible. We also present modifications to the protocols for preserving the user's privacy. To further reduce page load times on the Web, we point out how the layering between DNS, TCP, and TLS affects the speed of connection establishment between client-server pairs. Finally, we present modifications to some of those protocols to get us a faster and more privacy-friendly Internet.

The download of an average Web site causes around one hundred small transactions from several hosts. Nowadays, available bandwidth no longer effectively limits page load time. Thus, the design of a faster connection establishment is a promising direction to further improve the convenience of web browsing. To this end, TLS 1.3, QUIC and TCP Fast Open reduce the delay of the connection establishment by requiring the client to store data across several connections. These mechanisms, however, can be abused to stealthily track users independently of traditional tracking approaches like HTTP cookies, IP addresses, and browser fingerprinting. In particular, like TLS session resumption, QUIC's source-address token, QUIC's server config, and TCP Fast Open cookies expose tokens which may be used to invade the users' privacy. To investigate the real-world feasibility of these tracking mechanisms, we analysed the configuration of popular Web browsers. Our worrying results indicate that, especially via QUIC and TCP Fast Open, tracking periods of multiple days are practical.

While these protocols lead to faster connection setups, an initial connection establishment still requires at least three round-trip times (1 DNS, 1 TCP, 1 TLS 1.3). The idea of strict layering between those protocols prevents us from achieving further performance gains. In our talk, we will present cross-layer solutions that substantially reduce the number of round-trip times required to establish initial connections on the Web without affecting the core components of each protocol. To substantiate the feasibility of our presented solutions, we implemented our approach and investigated its performance properties. Please note that this talk assumes the audience to be familiar with the basic concepts of DNS, TCP, and TLS.