LWN: Comments on "Fingerprinting systems with TCP source-port selection"
https://lwn.net/Articles/910435/
This is a special feed containing comments posted to the individual LWN article titled "Fingerprinting systems with TCP source-port selection".
Feed built: Fri, 05 Sep 2025 04:24:41 +0000

----

Fingerprinting systems with TCP source-port selection
Posted Wed, 19 Oct 2022 13:42:29 +0000 by scientes
https://lwn.net/Articles/911666/

As only TCP and UDP, and a few ICMP packets, actually can be relied on to make it through the internet, the 48-bit effective address of a UDP packet is actually a good reason to *not* implement ipv6. And there really is only one protocol that is firmly attached to a port number: http and TLS + http, with 80 and 443, respectively; with the eSNI protocol that the same *creator* of RFC 7250 wrote there is no loss in using a proxy, except that you have to trust TLS==http back-end proxies, of course. DNS is irrelevant because it is a tree, and not a web. And there are simple and standard ways to map dns to ip addresses AND port numbers. IPv6 is simply not needed, and a waste of time. Just like WiFi 6, and "5G" (a technology so stupid that it generally should be avoided even mentioning it).

----

Fingerprinting systems with TCP source-port selection
Posted Fri, 14 Oct 2022 00:43:05 +0000 by developer122
https://lwn.net/Articles/911108/

> It has long been understood that there is value in making those numbers unpredictable; to do otherwise would make connections more vulnerable to hazards like reset attacks or even data injection.

Can someone provide background on how correct port selection specifically helps prevent these issues?

----

Fingerprinting systems with TCP source-port selection
Posted Thu, 13 Oct 2022 03:53:34 +0000 by gdt
https://lwn.net/Articles/911013/

Academics' continued employment depends upon publication in academic journals. When universities consider employment and promotion, academics are not assessed on the quality of their interaction with the Linux kernel community, on how much urgent hassle they cause for Linux distributors, or the risk their work creates for Linux users; they are assessed on the number and impact of their academic publications.

A university employer would see no problem with an academic preferring full publication of the fault in an academic journal over following some 'Linux community responsible disclosure' process which precludes such publication.

That in turn means that if the Linux kernel community wants pre-disclosure of faults, then they have to provide a process which does not create unenviable choices for academics.

You can argue that academic publishing is broken, and that academics should be evaluated using broader criteria. Neither of those arguments is new, and the Linux community isn't going to be the group which successfully corrects either of those issues.

----

Fingerprinting systems with TCP source-port selection
Posted Tue, 11 Oct 2022 20:46:56 +0000 by meyert
https://lwn.net/Articles/910880/

So this attack needs to run some code locally on my machine to work, right? Another reason to disable Javascript?

----

Fingerprinting systems with TCP source-port selection
Posted Sat, 08 Oct 2022 23:00:15 +0000 by NYKevin
https://lwn.net/Articles/910668/

IMHO there are a few exceptions here:

1. The hashing algorithm is salted with a CSPRNG value generated at startup. But this requires you to know what you are doing, because there are a variety of side-channel attacks that might leak this value or allow an attacker to make educated guesses about it. For example, if a collision happens, a request might take slightly longer to process, and if an attacker can observe collisions, they may be able to try different keys and figure out the possible salt values. Or maybe not, as this is probably infeasible for very large keyspaces and salts.
2. A "perfect" hashing algorithm (i.e. an algorithm that never collides - only possible if there are at least as many hash buckets as valid keys, or if you can somehow prove that no two valid keys that collide will ever be used simultaneously, so you can't do this in the general case).
3. You have hard-realtime requirements, you absolutely need O(1) performance, and it is acceptable to drop requests that cause collisions. I'm not sure why you would want that, but it is theoretically a valid combination of requirements.

----

Fingerprinting systems with TCP source-port selection
Posted Sat, 08 Oct 2022 12:08:35 +0000 by wtarreau
https://lwn.net/Articles/910658/

This is completely unrelated. It's not a lookup hash table, it's a hashing function, which converts a 5 tuple to an index. Nothing more. The table that is mentioned is a mapping that breaks the relation between the input and output. It can be completely random.

----

Fingerprinting systems with TCP source-port selection
Posted Fri, 07 Oct 2022 21:54:24 +0000 by flussence
https://lwn.net/Articles/910639/

In a sense, this is what IPv6 with privacy extensions enabled would accomplish: 64 extra bits of randomness, and as every connection uses a different IP the port number can also be fully randomised without risk of collisions.

We'd still need this algorithm though because IPv4 isn't going away any time soon.

----

Curl
Posted Fri, 07 Oct 2022 15:55:15 +0000 by corbet
https://lwn.net/Articles/910624/

You're correct, that was a poor example, apologies for the confusion.

----

Fingerprinting systems with TCP source-port selection
Posted Fri, 07 Oct 2022 15:38:56 +0000 by bostjan
https://lwn.net/Articles/910615/

How can curl be affected by this? Curl does not execute any code fetched from a remote location.

----

Fingerprinting systems with TCP source-port selection
Posted Fri, 07 Oct 2022 15:23:11 +0000 by epa
https://lwn.net/Articles/910610/

I don't know what Knuth wrote, but it's undeniable that hashing depends to some extent on "luck". If you are very "unlucky" then you will get lots of hash collisions, and performance degrades. In other words, while the average case performance is fine, the worst case is poor. If your input data may be chosen by an attacker, you have to worry about the worst case performance, even though in a benign environment it is so unlikely you can dismiss it. Or you have to be certain your hash function is secure enough that an attacker won't find a way to make it degrade.

----

Fingerprinting systems with TCP source-port selection
Posted Fri, 07 Oct 2022 13:59:18 +0000 by Wol
https://lwn.net/Articles/910567/

My immediate reaction is that a hash tree relies on *pseudo*randomness. As such, it is always vulnerable to being cracked.

If you use a drunken walk to walk a balanced tree, then you both avoid re-using values you've already used, and you end up in a genuinely random new place every time. And as the tree grows, the number of random numbers used to get a new value grows - after 1000 values a tree with 2 nodes per branch will require a ten-step drunken walk ... if your RNG truly is random then no way is an attacker going to predict where you'll end up.

Cheers,
Wol

----

Fingerprinting systems with TCP source-port selection
Posted Fri, 07 Oct 2022 13:20:07 +0000 by wittenberg
https://lwn.net/Articles/910566/

Could you give a reference please? I'd like to see his reasoning.

----

Fingerprinting systems with TCP source-port selection
Posted Fri, 07 Oct 2022 10:50:36 +0000 by scientes
https://lwn.net/Articles/910564/

Nobody less than Donald E. Knuth says that balanced trees and not hash tables must be used for security considerations in many places.

----

Fingerprinting systems with TCP source-port selection
Posted Fri, 07 Oct 2022 10:49:49 +0000 by scientes
https://lwn.net/Articles/910563/

Why not use a balanced rb-tree instead of a hash table that is now so friggen big, because balanced trees are immune to collision attacks.

You could also just use a balanced tree WHEN there is a collision, which also breaks the O(n^2) pathological case of hash collisions.

----

Fingerprinting systems with TCP source-port selection
Posted Thu, 06 Oct 2022 22:39:45 +0000 by unixbhaskar
https://lwn.net/Articles/910549/

Well, this stands out ...

"In this case, the lengthy period of secrecy seemingly had nothing to do with security. The fixes were public and were quickly incorporated into any kernel that is being maintained with an eye toward security problems. Instead, this delay was entirely created by the requirements of the journal publishing the article describing the vulnerability. That journal's demand for exclusivity, in a way that was convenient for its own publication schedule, prohibited the posting of an explanation of the vulnerability elsewhere."

Bad practices mar all the good work and importantly kill the enjoyment of solving "real problems"...

----

Fingerprinting systems with TCP source-port selection
Posted Thu, 06 Oct 2022 20:50:35 +0000 by mfuzzey
https://lwn.net/Articles/910542/

The RFC linked explains this (and gives the example of using an RNG).

The two desired properties are
1) Minimize the port reuse frequency
2) Be unpredictable

The simple classic counter does 1 but not 2 whereas an RNG does 2 but not 1.
The algorithm used does both.

----

Fingerprinting systems with TCP source-port selection
Posted Thu, 06 Oct 2022 20:16:53 +0000 by amarao
https://lwn.net/Articles/910540/

Why not use a PRNG for selecting a new port?
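An added illustration (not code from the LWN article or any commenter) of the three strategies mfuzzey contrasts: a global counter, a pure RNG, and a simplified model of the RFC 6056 Algorithm 4 double-hash scheme, with two measurements for the two properties. The port range, the 16-byte secret, the 256-bucket table and the destinations A and B are constructed assumptions; the real algorithm also retries when a port is already in use, which this model omits.

```python
import hmac
import secrets

PORT_MIN, PORT_COUNT = 32768, 60999 - 32768 + 1  # assumed range (Linux default)
A, B = "203.0.113.7:443", "198.51.100.9:443"     # two constructed destinations


class CounterSelector:
    """Classic global counter: no reuse until the range wraps, but trivially predictable."""
    counter = 0
    def pick(self, dst):
        port = PORT_MIN + self.counter % PORT_COUNT
        self.counter += 1
        return port


class RandomSelector:
    """Pure RNG: unpredictable, but repeats a recent port after ~sqrt(range) picks."""
    def pick(self, dst):
        return PORT_MIN + secrets.randbelow(PORT_COUNT)


class DoubleHashSelector:
    """RFC 6056 Alg. 4 model: keyed hashes of the destination choose a start offset and a bucket."""
    def __init__(self, buckets=256):
        self.key = secrets.token_bytes(16)  # per-boot secret (size assumed)
        self.table = [0] * buckets          # one counter per bucket
    def _h(self, tag, dst):
        mac = hmac.new(self.key, tag + dst.encode(), "sha256").digest()
        return int.from_bytes(mac[:4], "big")
    def pick(self, dst):
        offset, idx = self._h(b"offset", dst), self._h(b"index", dst) % len(self.table)
        port = PORT_MIN + (offset + self.table[idx]) % PORT_COUNT
        self.table[idx] += 1                # advances every destination sharing the bucket
        return port


def picks_until_reuse(selector, dst=A, limit=PORT_COUNT + 1):
    """Property 1: distinct ports handed to dst before one is reused."""
    seen = set()
    for n in range(limit):
        port = selector.pick(dst)
        if port in seen:
            return n
        seen.add(port)
    return limit


def sequential_fraction(selector, trials=200):
    """Property 2: how often B's port is the successor of the port just used toward A."""
    hits = 0
    for _ in range(trials):
        a, b = selector.pick(A), selector.pick(B)
        hits += b - PORT_MIN == (a - PORT_MIN + 1) % PORT_COUNT
    return hits / trials
```

The counter scores the full range on reuse but 1.0 on predictability, the RNG the reverse, and the double-hash model the full range and ~0.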