It's been long known that TLS is not the best privacy protecting protocol in that SNI leaks what domain the client connects to. I'm a bit surprised that I haven't seen the failure to protect user information when using client authentication mentioned, but it's likely that TLS client authentication is so rarely used, that this have not been on anyone's radar.
TL;DR: Just don't use TLS client authentication on anything before TLS 1.3.
With TLS 1.2 and earlier, if you use client authentication, the client certificate is transmitted in the clear. This contains enough information to uniquely identify the user. If it didn't, then there would be no way for the server to do the authentication.
The danger of this is that Eve (eavesdroppers) on path will be able to track your user's (or your)
connections, where they connect from, figure out how much data they
transfer between to/from your site and likely profile their usage.
I was confident that this was the case as I know that the entire handshake is in the clear. It isn't till the Finished messages that the session becomes encrypted. (TLS 1.3 fixed this by using a new derived key, [sender]_handshake_traffic_secret, to encrypt all the server params, which the client will use to encrypt it's response to the certificate request in the server params.) I decided to verify that this was the case.
I generated a server and a client certificate and key:
openssl req -batch -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout server.key -out server.crt
openssl req -batch -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout client.key -out client.crt
I then launched the server, and included the -Verify and -CAfile options for s_server to request a client certificate:
openssl s_server -accept 5829 -cert server.crt -key server.key -Verify 5 -CAfile client.crt -debug
Then I ran tcpdump to capture the session:
sudo tcpdump -s 0 -n -i lo0 -w clientcert.tcpdump port 5829
And then the client to connect to the server:
openssl s_client -connect localhost:5829 -key client.key -cert client.crt -debug
A usual, non-client authenticated connection and close was about 17 packets, but when I included the client authentication, it became 42 packets (the answer!).
I loaded the packet capture into wireshark, applied the SSL protocol analysis and confirmed that the client certificate was present in clear text:
So, there you have it. Do not use client authentication, pre-TLS 1.3, if you care about the privacy of your users.
It is safe to use client authentication w/ a TLS 1.3 server as long as the server requires all clients be 1.3 clients. If the key exchange algorithm is one of DHE_DSA, DHE_RSA, or an ECDH key exchange algorithm, the random bytes in the Hello messages are signed and these bytes are used by TLS 1.3 for downgrade protection. As the signature covers these bytes, the client would be able to detect any attempts to modify the server or client handshake messages to force a downgrade before it would send the client certificate.
Thanks to Mike Hamburg for reviewing an earlier version of this blog post and pointing out that TLS 1.3 was not vulnerable to this and helping w/ some of the research to prove it.
References:
Such a great information are there in your post and this will guide more people.
ReplyDeleteJAVA Training in Chennai
Best JAVA Training institute in Chennai
Python Training in Chennai
Selenium Training in Chennai
Android Training in Chennai
Big data training in chennai
JAVA Training in Chennai
Java Training in Tambaram
The effectiveness of IEEE Project Domains depends very much on the situation in which they are applied. In order to further improve IEEE Final Year Project Domains practices we need to explicitly describe and utilise our knowledge about software domains of software engineering Final Year Project Domains for CSE technologies. This paper suggests a modelling formalism for supporting systematic reuse of software engineering technologies during planning of software projects and improvement programmes in Final Year Projects for CSE.
DeleteSoftware management seeks for decision support to identify technologies like JavaScript that meet best the goals and characteristics of a software project or improvement programme. JavaScript Training in Chennai Accessible experiences and repositories that effectively guide that technology selection are still lacking.
Aim of technology domain analysis is to describe the class of context situations (e.g., kinds of JavaScript software projects) in which a software engineering technology JavaScript Training in Chennai can be applied successfully
The Angular Training covers a wide range of topics including Components, Angular Directives, Angular Services, Pipes, security fundamentals, Routing, and Angular programmability. The new Angular TRaining will lay the foundation you need to specialise in Single Page Application developer. Angular Training
such a awesome info bro,thanks for this post
ReplyDelete.Very well written article thanks for posting this amazing article with us keep growing and keep hustling
Selenium course in chennai
best selenium training institute in chennai
best selenium training in chennai
selenium training in chennai omr
selenium training in omr
big data course in chennai
big data hadoop training in chennai
big data analytics courses in chennai
Here is the details of BMIT (Medical Imaging Technology) colleges in Bangalore. If you are looking to study BMIT in Bangalore, the below will help you to find the best BMIT colleges in Bangalore.
ReplyDeleteBSc Medical Imaging Technology Colleges in Bangalore | Medical Imaging Technology Colleges in Bangalore |
Here is the details of B.Sc Optometry colleges in Bangalore. If you are looking to study BSc Optometry in Bangalore, the below will help you to find the best Optometry colleges in Bangalore.
ReplyDeleteBSc Optometry Colleges in Bangalore | Optometry Colleges in Bangalore |
Here is the details of B.Sc Renal Dialysis Technology colleges in Bangalore. If you are looking to study BSc Renal Dialysis Technology in Bangalore, the below will help you to find the best Renal Dialysis Technology colleges in Bangalore.
ReplyDeleteBSc Renal Dialysis Colleges in Bangalore | Renal Dialysis Technology Colleges in Bangalore |
Here is the details of B.Sc Respiratory Care Technology colleges in Bangalore. If you are looking to study BSc Respiratory Care Technology in Bangalore, the below will help you to find the best Respiratory Technology colleges in Bangalore.
ReplyDeleteBSc Respiratory Care Technology Colleges in Bangalore | Respiratory Care Colleges in Bangalore |
Here is the details of B.Sc Cardiac Care Technology colleges in Bangalore. If you are looking to study BSc Cardiac Care Technology in Bangalore, the below will help you to find the best Cardiac Care Technology colleges in Bangalore.
ReplyDeleteBSc Cardiac Care Technology Colleges in Bangalore | Cardiac Care Colleges in Bangalore |
Here is the details of B.Sc Perfusion Technology colleges in Bangalore. If you are looking to study BSc Perfusion Technology in Bangalore, the below will help you to find the best Perfusion Technology colleges in Bangalore.
ReplyDeleteBSc Perfusion Technology Colleges in Bangalore | Perfusion Technology Colleges in Bangalore |
Are you looking for Advertising Agency in Riyadh. Here, I would like you to share best Branding Agency Riyadh & Marketing Agency Riyadh
ReplyDeleteHere is the best Digital Marketing Agency Riyadh. If you are looking for a social media agency Riyadh, the above(link) company is the best
ReplyDeleteWow, I can say that this is another great article as expected of this blog. Thanks a million and please keep up the effective work.
ReplyDeleteVisit us for Customised Credit Card Shaped Pen Drive.
I believe that your blog will surely help the readers who are really in need of this vital piece of information. Waiting for your updates
ReplyDeletekeep it up!!
android training in chennai
android online training in chennai
android training in bangalore
android training in hyderabad
android Training in coimbatore
android training
android online training
Really,this article is truly one of the best, information shared was valuable and resourceful Very good work thank you.
ReplyDeletetally training in chennai
hadoop training in chennai
sap training in chennai
oracle training in chennai
angular js training in chennai